Lucene search
K

6 matches found

EUVD
EUVD
added 2026/06/25 8:8 p.m.6 views

EUVD-2026-39555

X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's DNS name constraints could be accepted...

6CVSS5.8AI score0.00124EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/10 12:9 p.m.19 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.33.2 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

9.8CVSS6.8AI score0.00863EPSS
Exploits5References80
RedHat Linux
RedHat Linux
added 2026/05/20 4:56 p.m.11 views

crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application

A flaw was found in the crypto/x509 package within Go golang. When verifying a certificate chain, excluded DNS Domain Name System constraints are not correctly applied to wildcard DNS Subject Alternative Names SANs if the case of the SAN differs from the constraint. This oversight could allow an...

8.8CVSS7.2AI score0.0034EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/20 4:56 p.m.18 views

Important: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

9.1CVSS6.9AI score0.01557EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2026/04/30 5:37 p.m.15 views

CVE-2026-3833

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

7.4CVSS5AI score0.00566EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/30 5:37 p.m.46 views

CVE-2026-3833 Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

6.5CVSS0.00566EPSS
Exploits1References15
Rows per page
Query Builder