153 matches found
Medium: runc
Issue Overview: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. CVE-2025-22874 Proxy-Authorization and Proxy-Authenticate headers...
Medium: containerd
Issue Overview: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. CVE-2025-22874 Proxy-Authorization and Proxy-Authenticate headers...
Amazon Linux 2023 : nerdctl (ALAS2023-2025-1075)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1075 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which a...
Amazon Linux 2023 : oci-add-hooks (ALAS2023-2025-1079)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1079 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which a...
Amazon Linux 2023 : runfinch-finch (ALAS2023-2025-1073)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1073 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which a...
Amazon Linux 2023 : soci-snapshotter (ALAS2023-2025-1076)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1076 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which a...
Medium: docker
Issue Overview: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. CVE-2025-22874 Proxy-Authorization and Proxy-Authenticate headers...
crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509
A flaw was found in Go's crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages...
TencentOS Server 4: golang (TSSA-2025:0500)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0500 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Medium: golang
Issue Overview: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. CVE-2025-22874 Proxy-Authorization and Proxy-Authenticate headers...
Medium: golang
Issue Overview: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. CVE-2025-22874 Proxy-Authorization and Proxy-Authenticate headers...
BIT-GOLANG-2025-22874 Usage of ExtKeyUsageAny disables policy validation in crypto/x509
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...
DEBIAN-CVE-2025-22874
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...
AZL-63872 CVE-2025-22874 affecting package msft-golang for versions less than 1.24.1-3
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...
CVE-2025-22874
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...
AZL-72104 CVE-2025-22874 affecting package golang for versions less than 1.24.4-1
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...
CVE-2025-22874
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...
UBUNTU-CVE-2025-22874
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...
CVE-2025-22874
CVE-2025-22874 is confirmed in multiple advisories (ALAS/AL2/ECS) tied to Go crypto/X509 verification where Verify with VerifyOptions.KeyUsages containing ExtKeyUsageAny disables policy validation for some certificate chains with policy graphs. Concrete affected packages include amazon-ssm-agent ...
CVE-2025-22874 Usage of ExtKeyUsageAny disables policy validation in crypto/x509
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...