Lucene search
K

7 matches found

OSV
OSV
added 2026/04/24 4:20 p.m.4 views

GHSA-82J2-J2CH-GFR8 rustls-webpki: Denial of service via panic on malformed CRL BIT STRING

Summary bitstringflags in src/der.rs panics with an index-out-of-bounds when given a BIT STRING whose content is exactly 0x00 one byte: zero padding bits, zero data bytes. This is reachable through the public API BorrowedCertRevocationList::fromder via the issuingDistributionPoint CRL extension...

7.5CVSS5.9AI score
Exploits0References3
RustSec
RustSec
added 2026/04/22 12:0 p.m.17 views

Reachable panic in certificate revocation list parsing

A panic was reachable when parsing certificate revocation lists via BorrowedCertRevocationList::fromder or OwnedCertRevocationList::fromder. This was the result of mishandling a syntactically valid empty BIT STRING appearing in the onlySomeReasons element of a IssuingDistributionPoint CRL...

5.8AI score
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.5 views

PT-2026-34530

A panic was reachable when parsing certificate revocation lists via BorrowedCertRevocationList::from der or OwnedCertRevocationList::from der. This was the result of mishandling a syntactically valid empty BIT STRING appearing in the onlySomeReasons element of a IssuingDistributionPoint CRL...

5.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/20 8:35 p.m.10 views

CRL Distribution Point Scope Check Logic Error in AWS-LC

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs wi...

5.9AI score
Exploits0References5Affected Software2
OSV
OSV
added 2026/03/20 8:35 p.m.4 views

GHSA-9F94-5G5W-GF6R CRL Distribution Point Scope Check Logic Error in AWS-LC

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs wi...

7.4CVSS5.9AI score0.00252EPSS
Exploits0References5
OSV
OSV
added 2026/03/20 12:0 p.m.7 views

RUSTSEC-2026-0049 CRLs not considered authoritative by Distribution Point due to faulty matching logic

If a certificate had more than one distributionPoint, then only the first distributionPoint would be considered against each CRL's IssuingDistributionPoint distributionPoint, and then the certificate's subsequent distributionPoints would be ignored. The impact was that correctly provided CRLs wou...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/03/19 12:0 p.m.5 views

RUSTSEC-2026-0042 CRL Distribution Point Scope Check Logic Error in AWS-LC

A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs with Issuing Distribution Point IDP extensions. Customers of AWS services do not...

7.4CVSS5.9AI score0.00252EPSS
Exploits0References4
Rows per page
Query Builder