Lucene search
+L

30 matches found

RedHat Linux
RedHat Linux
added 2026/04/09 11:0 a.m.3 views

golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

A flaw was found in the crypto/x509 package in the Go standard library. This vulnerability allows a certificate validation bypass via an excluded subdomain constraint in a certificated chain as it does not restrict the usage of wildcard SANs in the leaf certificate...

6.5CVSS6.1AI score0.00274EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/08 1:25 p.m.2 views

golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

A flaw was found in the crypto/x509 package in the Go standard library. This vulnerability allows a certificate validation bypass via an excluded subdomain constraint in a certificated chain as it does not restrict the usage of wildcard SANs in the leaf certificate...

6.5CVSS6.8AI score0.00274EPSS
Exploits0References8
OSV
OSV
added 2026/02/26 12:41 a.m.10 views

CLEANSTART-2026-VU62737 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the consul-k8s-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

9.8CVSS5.6AI score0.00778EPSS
Exploits2References12
OSV
OSV
added 2026/02/18 12:37 a.m.10 views

CLEANSTART-2026-DT95939 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the mongodb package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

9.8CVSS5.6AI score0.83007EPSS
Exploits39References7
OSV
OSV
added 2026/01/30 4:50 p.m.6 views

CLEANSTART-2026-HL71566 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the docker-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

9.8CVSS8.7AI score0.18828EPSS
Exploits7References31
OSV
OSV
added 2026/01/30 4:37 p.m.4 views

CLEANSTART-2026-IY17697 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

9.8CVSS5.6AI score0.00632EPSS
Exploits3References10
OSV
OSV
added 2026/01/30 4:29 p.m.9 views

CLEANSTART-2026-AU31441 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the metrics-server-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

9.8CVSS5.6AI score0.00459EPSS
Exploits2References6
OSV
OSV
added 2026/01/30 4:19 p.m.10 views

CLEANSTART-2026-CH38544 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the stakater-reloader-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

9.8CVSS5.6AI score0.00459EPSS
Exploits2References5
OSV
OSV
added 2026/01/30 3:23 p.m.9 views

CLEANSTART-2026-EL98016 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

9.8CVSS5.8AI score0.00626EPSS
Exploits2References21
OSV
OSV
added 2026/01/30 3:7 p.m.16 views

CLEANSTART-2026-IW06531 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

9.8CVSS5.8AI score0.00459EPSS
Exploits2References5
OSV
OSV
added 2026/01/30 3:3 p.m.14 views

CLEANSTART-2026-VL83369 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the kube-state-metrics-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

9.8CVSS5.6AI score0.00459EPSS
Exploits2References9
OSV
OSV
added 2026/01/30 3:3 p.m.15 views

CLEANSTART-2026-PI00621 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the kube-state-metrics-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

9.8CVSS5.8AI score0.00459EPSS
Exploits2References7
OSV
OSV
added 2026/01/30 2:41 p.m.14 views

CLEANSTART-2026-GV62494 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the velero package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

9.8CVSS5.8AI score0.00626EPSS
Exploits2References27
Amazon
Amazon
added 2026/01/07 12:0 a.m.12 views

Medium: nerdctl

Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...

7.5CVSS6.8AI score0.00459EPSS
Exploits2
Amazon
Amazon
added 2026/01/07 12:0 a.m.17 views

Medium: soci-snapshotter

Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...

7.5CVSS6.8AI score0.00459EPSS
Exploits2
Amazon
Amazon
added 2026/01/05 12:0 a.m.3 views

Medium: oci-add-hooks

Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...

7.5CVSS6.9AI score0.00459EPSS
Exploits2
Amazon
Amazon
added 2026/01/05 12:0 a.m.5 views

Medium: golang

Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...

7.5CVSS6.9AI score0.00459EPSS
Exploits2
Amazon
Amazon
added 2026/01/05 12:0 a.m.7 views

Medium: runc

Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...

7.5CVSS6.9AI score0.00459EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.9 views

Amazon Linux 2 : runfinch-finch, --advisory ALAS2DOCKER-2025-092 (ALASDOCKER-2025-092)

The version of runfinch-finch installed on the remote host is prior to 1.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-092 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause...

7.5CVSS6.9AI score0.00533EPSS
Exploits2References14
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.9 views

Amazon Linux 2 : runc, --advisory ALAS2DOCKER-2025-088 (ALASDOCKER-2025-088)

The version of runc installed on the remote host is prior to 1.3.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-088 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a...

7.5CVSS6.7AI score0.00459EPSS
Exploits2References6
Rows per page
Query Builder