53 matches found
gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
CVE-2026-9648 CVE-2026-9648
The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS clients to accept certificates whose Subject Alternative Names fall outside the issuing CA’s permitted subtrees. This oversight enables an attacker who compromises a name-constrained sub-CA to...
gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
CLSA-2026-1779355433 Fix CVE(s): CVE-2026-3833
SECURITY UPDATE: nameConstraints case-sensitive comparison bypass - debian/patches/CVE-2026-3833.patch: perform case-insensitive comparison of dNSName and rfc822Name domain labels in X.509 nameConstraints processing, fixing excludedSubtrees / permittedSubtrees bypass via letter-casing in the SAN....
CLSA-2026-1778835563 gnutls: Fix of CVE-2026-3833
CVE-2026-3833: fix excludedSubtrees/permittedSubtrees bypass by performing case-insensitive comparison of dNSName and rfc822Name domain labels in X.509 nameConstraints processing...
SUSE CVE-2026-3833
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
EUVD-2026-26403
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
CVE-2026-3833 Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
CVE-2026-33609
A flaw was found in PowerDNS. When running with 8bit-dns enabled, incomplete escaping of Lightweight Directory Access Protocol LDAP queries allows authenticated users to perform queries of internal domain subtrees. This vulnerability can lead to information disclosure, potentially exposing...
SUSE CVE-2026-33609
Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...
Linux Distros Unpatched Vulnerability : CVE-2026-33609
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees. CVE-2026-33609 Note that...
EUVD-2026-24947
Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...
CVE-2026-33609
Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...
DEBIAN-CVE-2026-33609
Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...
CVE-2026-33609
Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...
CVE-2026-33609 LDAP DN injection
Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...