2 matches found
CVE-2026-55964
Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...
Kaspersky AntiVirus - Certificate Handling Directory Traversal
Source: https://code.google.com/p/google-security-research/issues/detail?id=539 When Kaspersky https inspection is enabled, temporary certificates are created in %PROGRAMDATA% for validation. I observed that the naming pattern is CN.cer. I created a certificate with CN="../../../../Users/All...