CLEANSTART-2026-SV08737 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions

Multiple security vulnerabilities affect the gitness package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details...

SUSE CVE-2026-32280

During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls...

EUVD-2026-20008

During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls...

Medium: ecs-init

Issue Overview: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. CVE-2025-22874 Proxy-Authorization and Proxy-Authenticate headers...

Amazon Linux 2023 : runc (ALAS2023-2025-1078)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1078 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which a...

Medium: docker

Issue Overview: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. CVE-2025-22874 Proxy-Authorization and Proxy-Authenticate headers...

CVE-2025-22874

Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...

GO-2025-3749 Usage of ExtKeyUsageAny disables policy validation in crypto/x509

Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...

GO-2021-0140

X509 Certificate verification does not validate KeyUsages EKU requirements on Windows if VerifyOptions.Roots is nil...