2 matches found
UBUNTU-CVE-2024-6156
Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store...
Design/Logic Flaw
Accepting arbitrary Subject Alternative Name SAN types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use...