Failed to perform post-processing for plug-in. Error: The issuer certificate does not have a Basic Constraints extension.

Challenge After upgrading a Windows-based Veeam Backup & Replication deployment to version 13.0.1 or higher, the following error may occur: Failed to perform post-processing for plug-in $pluginName Linux $machine Error: The issuer certificate does not have a Basic Constraints extension. Examples:...

HSEC-2023-0005 tls-extra: certificate validation does not check Basic Constraints

tls-extra: certificate validation does not check Basic Constraints tls-extra does not check the Basic Constraints extension of a certificate in certificate chain processing. Any certificate is treated as a CA certificate. As a consequence, anyone who has a valid certificate can use it to sign...

EUVD-2013-0275

Malware in sbrugna...

CVE-2013-0243

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections...

CVE-2023-49570 Insecure Trust of Basic Constraints certificate in Bitdefender Total Security HTTPS Scanning (VA-11210)

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. This occurs when the "Basic Constraints" extension in the certificate indicates that it is meant ...

K16937: OpenSSL vulnerability CVE-2015-1793

Security Advisory Description Description The X509verifycert function in crypto/x509/x509vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints CA values during identification of alternative certificate chains, which allows remote attackers to spoof ...

SUSE CVE-2014-3694

The 1 bundled GnuTLS SSL/TLS plugin and the 2 bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...

SUSE CVE-2015-1793

The X509verifycert function in crypto/x509/x509vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger...

CVE-2013-0243

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections...

CVE-2013-0243

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections...

Code injection

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections...

CVE-2013-0243

TLS-lib haskell-tls-extra prior to 0.6.1 fails to enforce Basic Constraints in certificate validation, treating any cert as a CA. This enables MITM via forged certs. Remediation: upgrade to 0.6.1 or newer; affected versions include those before 0.6.1 per HSEC-2023-0005 and RH/NVD records.

CVE-2013-0243

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections...

PT-2019-6839

Name of the Vulnerable Software and Affected Versions haskell-tls-extra versions prior to 0.6.1 Description The issue concerns a problem with certificate validation where the Basic Constraints attribute is not properly checked. This means any certificate is treated as a CA certificate, allowing a...

pidgin: SSL/TLS plug-ins failed to check Basic Constraints

It was found that Pidgin's SSL/TLS plug-ins had a flaw in the certificate validation functionality. An attacker could use this flaw to create a fake certificate, that Pidgin would trust, which could be used to conduct man-in-the-middle attacks against Pidgin...

The vulnerability of the OpenSSL library, which allows a hacker to bypass the standard procedures for verifying certificate chains

The vulnerability of the X509verifycert function in the OpenSSL library is related to insufficient handling of the X.509 Basic Constraints cA value during the identification of an alternative certificate chain. Exploiting this vulnerability allows a malicious actor to bypass the standard...

Code injection

The X509verifycert function in crypto/x509/x509vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger...

DEBIAN-CVE-2015-1793

The X509verifycert function in crypto/x509/x509vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger...

UBUNTU-CVE-2015-1793

The X509verifycert function in crypto/x509/x509vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger...

smack: incorrect X.509 certificate validation

It was found that the ServerTrustManager in the Smack XMPP API did not verify basicConstraints and nameConstraints in X.509 certificate chains. A man-in-the-middle attacker could use this flaw to spoof servers and obtain sensitive information...