Security Validation
Critical flaw in wolfSSL library enables forged certificate use
A critical vulnerability in the wolfSSL SSL/TLS library can weaken security via improper verification of the hash algorithm or its size when checking Elliptic Curve Digital Signature Algorithm (ECDSA) signatures. Researchers warn that an attacker could exploit the issue to force a target device or application to accept forged certificates for malicious servers or connections. […]
2 mins read
Docker makes Hardened Images Catalog affordable for small businesses
The Docker team has announced unlimited access to its Hardened Images catalog to make access to secure software bundles affordable for all development teams at startups and SMBs. Starting today, container images that have been verified to be free of known vulnerabilities (near-zero CVEs), are available to all users through a subscription and a 30-day free […]
2 mins read