Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.1 bug fix and security update

Red Hat OpenShift Container Platform release 4.20.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...

EUVD-2025-18136

Malicious code in bioql PyPI...

crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509

A flaw was found in Go's crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages...

crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509

A flaw was found in Go's crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages...

BIT-GOLANG-2025-22874 Usage of ExtKeyUsageAny disables policy validation in crypto/x509

Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...

CVE-2025-22874

Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...

CVE-2025-22874 Usage of ExtKeyUsageAny disables policy validation in crypto/x509

Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...

CVE-2025-22874 Usage of ExtKeyUsageAny disables policy validation in crypto/x509

Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...

CVE-2025-22874

CVE-2025-22874 is confirmed in multiple advisories (ALAS/AL2/ECS) tied to Go crypto/X509 verification where Verify with VerifyOptions.KeyUsages containing ExtKeyUsageAny disables policy validation for some certificate chains with policy graphs. Concrete affected packages include amazon-ssm-agent ...

CVE-2025-22874

Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...

Improper Certificate Validation

Overview std/crypto/x509 is a Go standard library package std/crypto/x509 Affected versions of this package are vulnerable to Improper Certificate Validation. Go Vulnerability Report: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy...

GO-2025-3749 Usage of ExtKeyUsageAny disables policy validation in crypto/x509

Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon...

Updated golang packages fix security vulnerabilities

Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673. os: inconsistent handling of OCREATE|OEXCL on Unix and Windows os.OpenFilepath, os.OCREATE|OEXCL behaved differently on Unix and Windows systems when th...

PT-2025-23988

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue arises when calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny, which unintentionally disables policy validation. This affects certificate chains containing...