Loading HuntDB...

GHSA-7wg4-cjhf-qgvp

GitHub Security Advisory

⚠ Unreviewed HIGH Has CVE

Advisory Details

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to establish MITM SSL connections to arbitrary sites.

Related CVEs

Key Information

GHSA ID
GHSA-7wg4-cjhf-qgvp
Published
October 18, 2024 9:31 AM
Last Modified
October 22, 2024 6:32 PM
CVSS Score
7.5 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: July 6, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.