16 matches found

RedhatCVE
added 2026/06/05 7:27 p.m. | 9 views

CVE-2026-40944

Oxia is a metadata store and coordination system. Prior to 0.16.2, the trustedCertPool function in the TLS configuration only parses the first PEM block from CA certificate files. When a CA bundle contains multiple certificates (e.g., intermediate + root CA), only the first certificate is loaded...

CVSS 6.9 | AI score 5.4 | EPSS 0.0016
Exploits 0 | References 1

EUVD
added 2026/04/21 9:14 p.m. | 5 views

EUVD-2026-24509

Oxia is a metadata store and coordination system. Prior to 0.16.2, the trustedCertPool function in the TLS configuration only parses the first PEM block from CA certificate files. When a CA bundle contains multiple certificates (e.g., intermediate + root CA), only the first certificate is loaded...

CVSS 6.9 | AI score 5.8 | EPSS 0.0016
Exploits 0 | References 1

OSV
added 2026/04/14 11:15 p.m. | 5 views

GHSA-7JRQ-Q4PQ-RHM6 Oxia's TLS CA certificate chain validation fails with multi-certificate PEM bundles

Summary: The trustedCertPool function in the TLS configuration only parses the first PEM block from CA certificate files. When a CA bundle contains multiple certificates (e.g., intermediate + root CA), only the first certificate is loaded. This silently breaks certificate chain validation for mTLS...

CVSS 9.3 | AI score 5.8 | EPSS 0.0016
Exploits 0 | References 3

Positive Technologies
added 2026/04/14 12:00 a.m. | 6 views

PT-2026-34188

Name of the Vulnerable Software and Affected Versions: Oxia versions prior to 0.16.2. Description: The trustedCertPool function in the TLS configuration only parses the first PEM block from CA certificate files. When a CA bundle contains multiple certificates, such as an intermediate and a root CA,...

CVSS 9.3 | AI score 5.8 | EPSS 0.0016
Exploits 0 | References 6

OSV
added 2026/04/13 5:43 a.m. | 4 views

BIT-GOLANG-2026-32281 Inefficient policy validation in crypto/x509

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

CVSS 7.5 | AI score 5.8 | EPSS 0.00349
Exploits 0 | References 5

Positive Technologies
added 2026/04/13 12:00 a.m. | 4 views

PT-2026-32425

When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

CVSS 7.5 | AI score 5.8 | EPSS 0.0034
Exploits 0 | References 6

Positive Technologies
added 2026/04/13 12:00 a.m. | 6 views

PT-2026-32420

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

CVSS 7.5 | AI score 5.8 | EPSS 0.00349
Exploits 0 | References 6

SUSE CVE
added 2026/04/08 11:25 p.m. | 3 views

SUSE CVE-2026-33810

When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

CVSS 5.9 | AI score 5.8 | EPSS 0.0034
Exploits 0 | References 9

NVD
added 2026/04/08 2:16 a.m. | 5 views

CVE-2026-32281

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

CVSS 7.5 | EPSS 0.00349
Exploits 0 | References 4

OSV
added 2026/04/08 2:16 a.m. | 1 view

DEBIAN-CVE-2026-32281

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

CVSS 7.5 | AI score 5.3 | EPSS 0.00349
Exploits 0 | References 1

OSV
added 2026/04/08 2:16 a.m. | 3 views

DEBIAN-CVE-2026-33810

When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

CVSS 8.2 | AI score 5.3 | EPSS 0.0034
Exploits 0 | References 1

UbuntuCve
added 2026/04/08 2:16 a.m. | 8 views

CVE-2026-32281

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

CVSS 7.5 | AI score 5.9 | EPSS 0.00349
Exploits 0 | References 5

AlpineLinux
added 2026/04/08 1:06 a.m. | 3 views

CVE-2026-32281

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

CVSS 7.5 | AI score 5.8 | EPSS 0.00349
Exploits 0

Cvelist
added 2026/04/08 1:06 a.m. | 21 views

CVE-2026-32281 Inefficient policy validation in crypto/x509

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

EPSS 0.00349
Exploits 0 | References 4

CVE
added 2026/04/08 1:06 a.m. | 118 views

CVE-2026-32281

CVE-2026-32281: In Go, policy validation for X.509 certificate chains can be inefficient when many policy mappings are present, potentially enabling a denial-of-service on validation of otherwise trusted chains. The OpenSUSE advisories note fixes in Go updates: go1.25.9 and go1.26.2, with SUSE p...

CVSS 7.5 | AI score 5.9 | EPSS 0.00349
Exploits 0 | References 4 | Affected Software 1

Debian CVE
added 2026/04/08 1:06 a.m. | 15 views

CVE-2026-33810

When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...

CVSS 8.8 | AI score 5.3 | EPSS 0.0034
Exploits 0