4 matches found
CVE-2026-3833
Technical details for CVE-2026-3833 are not publicly available in the provided documents; OpenSUSE/PTSecurity entries reference fixes but do not expose affected components, impact, or mitigation here. Monitor for updates.
Improper Handling of Case Sensitivity
Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity in the enforcement of X.509 nameConstraints due to case-sensitive comparisons for dNSName and the domain portion of rfc822Name. An attacker can gain unauthorized certificate validation and potential...
Amazon Linux 2023 : ecs-init (ALAS2023-2025-1341)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1341 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf...
Medium: oci-add-hooks
Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...