
12 matches found

OSV
added 2026/03/20 8:34 p.m., 2 views

GHSA-394X-VWMW-CRM3 AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN

Summary: AWS-LC is an open-source, general-purpose cryptographic library. Impact: A logic error in CN (Common Name) validation allows certificates with wildcard or raw UTF-8 Unicode CN values to bypass name constraints enforcement. The cn2dnsid function does not recognize these CN patterns as valid D...

CVSS 8.2, AI score 5.9
Exploits 0, References 3
GitHub Security Blog
added 2026/03/20 8:34 p.m., 4 views

AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN

Summary: AWS-LC is an open-source, general-purpose cryptographic library. Impact: A logic error in CN (Common Name) validation allows certificates with wildcard or raw UTF-8 Unicode CN values to bypass name constraints enforcement. The cn2dnsid function does not recognize these CN patterns as valid D...

AI score 5.9
Exploits 0, References 3, Affected Software 1
OSV
added 2026/03/19 12:0 p.m., 1 view

RUSTSEC-2026-0044 AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN

A logic error in CN (Common Name) validation allows certificates with wildcard or raw UTF-8 Unicode CN values to bypass name constraints enforcement. The cn2dnsid function does not recognize these CN patterns as valid DNS identifiers, causing NAME_CONSTRAINTS_check_CN to skip validation. However,...

AI score 5.8
Exploits 0, References 3
Snyk
added 2025/11/07 7:44 p.m., 2 views

Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource due to the virt-api component failing to validate the CN field in client TLS certificates against allowed values in the extension-apiserver-authentication configmap. An attacker can...

CVSS 6.5, AI score 5.4, EPSS 0.0002
Exploits 1, References 2
GitHub Security Blog
added 2025/11/06 11:32 p.m., 5 views

KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer

Summary Short summary of the problem. Make the impact and severity as clear as possible. A flawed implementation of the Kubernetes aggregation layer's authentication flow could enable bypassing RBAC controls. Details Give all details on the vulnerability. Pointing to the incriminated source code ...

CVSS 4.7, AI score 7.6, EPSS 0.0002
Exploits 1, References 6, Affected Software 1
OSV
added 2025/11/06 11:32 p.m., 1 view

GHSA-38JW-G2QX-4286 KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer

Summary Short summary of the problem. Make the impact and severity as clear as possible. A flawed implementation of the Kubernetes aggregation layer's authentication flow could enable bypassing RBAC controls. Details Give all details on the vulnerability. Pointing to the incriminated source code ...

CVSS 4.7, AI score 7.6, EPSS 0.0002
Exploits 1, References 6
Positive Technologies
added 2025/11/06 12:0 a.m., 1 view

PT-2025-45491

Name of the Vulnerable Software and Affected Versions KubeVirt versions 1.5.3 and below KubeVirt version 1.6.0 Description KubeVirt, a virtual machine management add-on for Kubernetes, has an issue in its authentication flow within the Kubernetes aggregation layer. The virt-api component does not...

CVSS 4.7, AI score 5.7, EPSS 0.0002
Exploits 1, References 15
OSV
added 2020/09/25 7:24 a.m., 3 views

SUSE-SU-2020:2581-1 Security update for openldap2

This update for openldap2 fixes the following issues: - bsc1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125...

CVSS 4.2, AI score 4.6, EPSS 0.00216
Exploits 0, References 3
Tenable Nessus
added 2020/09/14 12:0 a.m., 28 views

openSUSE Security Update : openldap2 (openSUSE-2020-1416)

This update for openldap2 fixes the following issues : - bsc1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptiv...

CVSS 4.2, AI score 6.8, EPSS 0.00216
Exploits 0, References 2
Tenable Nessus
added 2013/01/14 12:0 a.m., 66 views

Fedora 18 : php-pear-CAS-1.3.2-1.fc18 (2012-21084)

Changes in version 1.3.2 Security Fixes : - CVE-2012-5583 Missing CN validation of CAS server certificate 58 Joachim Fritschi Bug Fixes : - Fix broken character encoding in Greek and French 40 Joachim Fritschi - Minor error corrections in a few example files Joachim Fritschi - Remove erroneous...

CVSS 5.8, AI score 5.5, EPSS 0.00152
Exploits 0, References 1
Tenable Nessus
added 2013/01/10 12:0 a.m., 17 views

Fedora 17 : php-pear-CAS-1.3.2-1.fc17 (2012-21106)

Changes in version 1.3.2 Security Fixes : - CVE-2012-5583 Missing CN validation of CAS server certificate 58 Joachim Fritschi Bug Fixes : - Fix broken character encoding in Greek and French 40 Joachim Fritschi - Minor error corrections in a few example files Joachim Fritschi - Remove erroneous...

CVSS 5.8, AI score 5.5, EPSS 0.00152
Exploits 0, References 1
Tenable Nessus
added 2012/05/22 12:0 a.m., 39 views

RHEL 5 / 6 : postgresql and postgresql84 (RHSA-2012:0678)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0678 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). The pg_dump utility inserted object names literally into...

CVSS 6.8, AI score 7.9, EPSS 0.04372
Exploits 1, References 10