Filtered by vendor Aria2 Project
Subscriptions
Filtered by product Aria2
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-8367 | 1 Aria2 Project | 1 Aria2 | 2026-05-14 | 4.8 Medium |
| aria2c accepts a server certificate with incorrect Extended Key Usage (EKU). If the attackers compromise a certificate (with the associated private key) issued for a different purpose, they may be able to reuse it for TLS server authentication. | ||||
| CVE-2019-3500 | 4 Aria2 Project, Canonical, Debian and 1 more | 4 Aria2, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 7.8 High |
| aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file. | ||||
Page 1 of 1.