crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

Incorrect enforcement of email constraints in crypto/x509

...

BIT-GOLANG-2026-27138 Panic in name constraint checking for malformed certificates in crypto/x509

Certificate verification can panic when a certificate in the chain has an empty DNS name and another certificate in the chain has excluded name constraints. This can crash programs that are either directly verifying X.509 certificate chains, or those that use TLS...

golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints

A flaw was found in the crypto/x509 package of the Golang standard library. A certificate with a URI, which has a IPv6 address with a zone ID, may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI; this...

golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints

A flaw was found in the crypto/x509 package of the Golang standard library. A certificate with a URI, which has a IPv6 address with a zone ID, may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI; this...

gnutls: potential crash during chain building/verification

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command...

CVE-2024-20655

Microsoft Online Certificate Status Protocol OCSP Remote Code Execution Vulnerability...

CLSA-2022-1655821067 Update of grub2

Use CloudLinux vendor cert...

CVE-2020-23982

DesignMasterEvents Conference management 1.0.0 has cross site scripting via the 'certificate.php'...

CVE-2017-4981

EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing vulnerability...