6 matches found
CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
ALPINE-CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
CVE-2026-34073
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
CVE-2026-34073 cryptography has incomplete DNS name constraint enforcement on peer names
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...
CVE-2024-39312
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtree...
CVE-2024-39312
Botan CVE-2024-39312 affects the X.509 name-contraint check: when a certificate’s name is present in both permitted and excluded subtrees, the parser may erroneously accept it. The issue is resolved by upgrading Botan to 3.5.0 or 2.19.5 (fixed versions cited in multiple sources). The vulnerabilit...