Lucene search
+L

53 matches found

RedHat Linux
RedHat Linux
added 2026/06/29 10:17 a.m.6 views

gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

7.4CVSS5.8AI score0.00566EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/29 2:54 a.m.6 views

gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

7.4CVSS5.8AI score0.00566EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/29 2:40 a.m.8 views

gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

7.4CVSS5.8AI score0.00566EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/25 6:37 p.m.9 views

gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

7.4CVSS5.8AI score0.00566EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/06/11 2:30 p.m.17 views

CVE-2026-9648 CVE-2026-9648

The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS clients to accept certificates whose Subject Alternative Names fall outside the issuing CA’s permitted subtrees. This oversight enables an attacker who compromises a name-constrained sub-CA to...

5.4AI score0.00223EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/26 7:4 a.m.10 views

gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

7.4CVSS5.8AI score0.00566EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/26 6:40 a.m.12 views

gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

7.4CVSS5.7AI score0.00566EPSS
Exploits1References5
OSV
OSV
added 2026/05/21 9:23 a.m.7 views

CLSA-2026-1779355433 Fix CVE(s): CVE-2026-3833

SECURITY UPDATE: nameConstraints case-sensitive comparison bypass - debian/patches/CVE-2026-3833.patch: perform case-insensitive comparison of dNSName and rfc822Name domain labels in X.509 nameConstraints processing, fixing excludedSubtrees / permittedSubtrees bypass via letter-casing in the SAN....

7.4CVSS5.8AI score0.00566EPSS
Exploits1References1
OSV
OSV
added 2026/05/15 8:59 a.m.12 views

CLSA-2026-1778835563 gnutls: Fix of CVE-2026-3833

CVE-2026-3833: fix excludedSubtrees/permittedSubtrees bypass by performing case-insensitive comparison of dNSName and rfc822Name domain labels in X.509 nameConstraints processing...

7.4CVSS5.8AI score0.00566EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/05/01 2:12 a.m.10 views

SUSE CVE-2026-3833

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

6.5CVSS5.4AI score0.00566EPSS
Exploits1References15
EUVD
EUVD
added 2026/04/30 5:37 p.m.5 views

EUVD-2026-26403

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

6.5CVSS5.3AI score0.00566EPSS
Exploits1References3
OSV
OSV
added 2026/04/30 5:37 p.m.2 views

CVE-2026-3833 Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

6.5CVSS5.9AI score0.00566EPSS
Exploits1References20
RedhatCVE
RedhatCVE
added 2026/04/25 10:59 a.m.5 views

CVE-2026-33609

A flaw was found in PowerDNS. When running with 8bit-dns enabled, incomplete escaping of Lightweight Directory Access Protocol LDAP queries allows authenticated users to perform queries of internal domain subtrees. This vulnerability can lead to information disclosure, potentially exposing...

6.5CVSS5.2AI score0.00242EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/23 1:24 a.m.6 views

SUSE CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

5.3CVSS5.8AI score0.00242EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-33609

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees. CVE-2026-33609 Note that...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/22 3:31 p.m.6 views

EUVD-2026-24947

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

5.3CVSS5.8AI score0.00242EPSS
Exploits0References2
NVD
NVD
added 2026/04/22 2:16 p.m.5 views

CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

6.5CVSS0.00242EPSS
Exploits0References1
OSV
OSV
added 2026/04/22 2:16 p.m.3 views

DEBIAN-CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

6.5CVSS5.2AI score0.00242EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/22 2:0 p.m.6 views

CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

6.5CVSS5.2AI score0.00242EPSS
Exploits0
OSV
OSV
added 2026/04/22 2:0 p.m.2 views

CVE-2026-33609 LDAP DN injection

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

5.3CVSS6AI score0.00242EPSS
Exploits0References5
Rows per page
Query Builder