Lucene search
K

6 matches found

OSV
OSV
added 2026/03/20 8:34 p.m.7 views

GHSA-394X-VWMW-CRM3 AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CN Common Name validation allows certificates with wildcard or raw UTF-8 Unicode CN values to bypass name constraints enforcement. The cn2dnsid function does not recognize these CN patterns as valid D...

8.2CVSS5.9AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/20 8:34 p.m.11 views

AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CN Common Name validation allows certificates with wildcard or raw UTF-8 Unicode CN values to bypass name constraints enforcement. The cn2dnsid function does not recognize these CN patterns as valid D...

5.9AI score
Exploits0References3Affected Software1
RustSec
RustSec
added 2026/03/19 12:0 p.m.43 views

AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN

A logic error in CN Common Name validation allows certificates with wildcard or raw UTF-8 Unicode CN values to bypass name constraints enforcement. The cn2dnsid function does not recognize these CN patterns as valid DNS identifiers, causing NAMECONSTRAINTScheckCN to skip validation. However,...

5.8AI score
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/26 12:0 a.m.7 views

PT-2024-25908 · Nintendo · Nintendo Wii U Os

Name of the Vulnerable Software and Affected Versions: Nintendo Wii U OS version 5.5.5 Description: The issue allows man-in-the-middle attackers to forge SSL certificates as though they came from a Root CA. This is due to a secondary verification mechanism that only checks whether a CA is known a...

7.4CVSS7.1AI score0.00192EPSS
Exploits0References3
OSV
OSV
added 2023/11/29 7:12 p.m.6 views

CLSA-2023-1701285122 squid34: Fix of CVE-2023-46724

CVE-2023-46724: Fix validation of certificates with CN=...

8.6CVSS7.3AI score0.04012EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:57 a.m.3 views

SUSE CVE-2010-3170

Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL serve...

4.3CVSS8.7AI score0.01096EPSS
Exploits0References10
Rows per page
Query Builder