13 matches found
UBUNTU-CVE-2026-24122
Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...
K000152658: Golang vulnerability CVE-2024-45341
Security Advisory Description A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make...
EulerOS 2.0 SP12 : golang (EulerOS-SA-2025-1820)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate...
golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints
A flaw was found in the crypto/x509 package of the Golang standard library. A certificate with a URI, which has a IPv6 address with a zone ID, may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI; this...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a security bypass in Golang crypto [CVE-2024-45341]
Summary IBM Watson Speech Services Cartridge is vulnerable to a security bypass in the crypto/x509 package of the Golang standard library, caused by a faulty certificate URI CVE-2024-45341. Golang is used by our Speech utilities. This vulnerabilitiy has been addressed. Please read the details for...
Amazon Linux 2 : golang (ALAS-2025-2795)
The version of golang installed on the remote host is prior to 1.23.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2795 advisory. net/http: sensitive headers incorrectly sent after cross-domain redirect The HTTP client drops sensitive headers after...
Medium: golang
Issue Overview: net/http: sensitive headers incorrectly sent after cross-domain redirect The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to...
AZL-56031 CVE-2024-45341 affecting package msft-golang for versions less than 1.23.3-2
A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs...
CVE-2024-45341 Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509
A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs...
CVE-2024-45341 Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509
A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs...
CVE-2024-45341
A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs...
Code injection
Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...
CVE-2023-29409
Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...