CVE-2013-0243

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections...

CVE-2013-0243

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections...

Code injection

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections...

CVE-2013-0243

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections...

CVE-2013-0243

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections...

CVE-2013-0243

TLS-lib haskell-tls-extra prior to 0.6.1 fails to enforce Basic Constraints in certificate validation, treating any cert as a CA. This enables MITM via forged certs. Remediation: upgrade to 0.6.1 or newer; affected versions include those before 0.6.1 per HSEC-2023-0005 and RH/NVD records.

PT-2019-6839

Name of the Vulnerable Software and Affected Versions haskell-tls-extra versions prior to 0.6.1 Description The issue concerns a problem with certificate validation where the Basic Constraints attribute is not properly checked. This means any certificate is treated as a CA certificate, allowing a...