CVE

CVE-2018-21029

CVE-2018-21029

systemd 239 through 243 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation with the GnuTLS backend.

Source: CVE-2018-21029

Exit mobile version