Tag: Ssl
SSL/TLS handshake errors or expired/invalid certificates.
| ID | Title | Description | Category | Technology | Tags |
|---|---|---|---|---|---|
| CRE-2025-0035 Critical Impact: 7/10 Mitigation: 6/10 | psycopg2 SSL error due to thread or forked process state | Applications using psycopg2 with OpenTelemetry instrumentation or threading may fail with SSL-related errors such as "decryption failed or bad record mac". This often occurs when a database connection is created before a fork or from an unsafe thread context, causing the SSL state to become invalid. | Database Problems | django | SslPsycopg2ForkThreadsDjangoInstrumentationOpentelemetryKnown IssuePublic |
| CRE-2025-0142 Medium Impact: 6/10 Mitigation: 5/10 | Supabase Self-Hosted: SSL Certificate Missing or Invalid Configuration | Detects when Supabase services fail due to missing, invalid, or improperly configured SSL certificates. This affects HTTPS endpoints, secure WebSocket connections, and can prevent clients from establishing secure connections to the self-hosted Supabase instance. | Configuration Problem | kong | SupabaseSslTLSCertificate VerificationSecurityConfigurationProxySelf-HostedSSL CertificatePublic |