Lucene search
+L

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.11 views

CVE-2026-5263

URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A compromised or malicious sub-CA could issue leaf certificates with URI SAN entries that violate the nameConstraints of the issuing CA, and wolfSSL woul...

7CVSS5.4AI score0.00165EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/09 10:16 p.m.4 views

CVE-2026-5263

URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A compromised or malicious sub-CA could issue leaf certificates with URI SAN entries that violate the nameConstraints of the issuing CA, and wolfSSL woul...

7CVSS5.8AI score0.00165EPSS
Exploits0References2
OSV
OSV
added 2026/04/09 10:16 p.m.11 views

UBUNTU-CVE-2026-5263

URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A compromised or malicious sub-CA could issue leaf certificates with URI SAN entries that violate the nameConstraints of the issuing CA, and wolfSSL woul...

7CVSS5.8AI score0.00165EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/09 9:15 p.m.15 views

CVE-2026-5263

URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A compromised or malicious sub-CA could issue leaf certificates with URI SAN entries that violate the nameConstraints of the issuing CA, and wolfSSL woul...

7CVSS5.3AI score0.00165EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:15 p.m.3 views

CVE-2026-5263

URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A compromised or malicious sub-CA could issue leaf certificates with URI SAN entries that violate the nameConstraints of the issuing CA, and wolfSSL woul...

7CVSS5.9AI score0.00165EPSS
Exploits0References2
CVE
CVE
added 2026/04/09 9:15 p.m.14 views

CVE-2026-5263

The CVE concerns wolfSSL’s wolfcrypt (asn.c) where URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification. This allows a compromised/malicious sub-CA to issue leaf certificates with URI SAN entries that violate the issuing CA’s name...

7CVSS5.9AI score0.00165EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.4 views

PT-2026-31793

Name of the Vulnerable Software and Affected Versions WolfSSL affected versions not specified Description WolfSSL improperly handles URI name constraints from constrained intermediate Certificate Authorities CAs during certificate chain verification. The parsing of these constraints occurs, but...

7CVSS6AI score0.00165EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.34 views

Oracle Linux 8 : nodejs:14 (ELSA-2022-7830)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7830 advisory. - Record issues fixed in the current version Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 Resolves: CVE-2022-0235 - Rebase to...

8.8CVSS7.5AI score0.21514EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2022/11/12 12:0 a.m.32 views

AlmaLinux 8 : nodejs:14 (ALSA-2022:7830)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7830 advisory. nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection CVE-2021-44532...

8.2CVSS7.3AI score0.21514EPSS
Exploits3References6
OSV
OSV
added 2022/02/24 7:15 p.m.29 views

CVE-2021-44531

Accepting arbitrary Subject Alternative Name SAN types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use...

7.4CVSS0.9AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2022/02/24 7:15 p.m.86 views

CVE-2021-44531

Accepting arbitrary Subject Alternative Name SAN types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use...

7.4CVSS6.8AI score0.08373EPSS
Exploits0References2
Rows per page
Query Builder