1754 matches found
crypto/x509: Incorrect enforcement of email constraints in crypto/x509
A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly...
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...
RLSA-2026:39573 Important: yggdrasil security update
yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child "worker" process, exchanging data with its worker processes through a D-Bus message broker. Security Fixes: net: golang: Go net package: Denial of Service vi...
go-toolset:rhel8 security, bug fix, and enhancement update
An update is available for delve, module.delve, module.golang, golang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset provides the Go programming...
CVE-2026-45063
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, X509Authenticator extracts the user identifier from $SERVER'SSLCLIENTSDN' with an unanchored regex that matches emailAddress= anywhere in the distinguishe...
CVE-2026-45063 Symfony: Identity Spoofing via Unanchored DN Regex in X509Authenticator
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, X509Authenticator extracts the user identifier from $SERVER'SSLCLIENTSDN' with an unanchored regex that matches emailAddress= anywhere in the distinguishe...
Linux Distros Unpatched Vulnerability : CVE-2026-58101
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3EXTd2iext returns NULL when an extension's DER...
Linux Distros Unpatched Vulnerability : CVE-2026-58102
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension...
DEBIAN-CVE-2026-58102
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...
DEBIAN-CVE-2026-58101
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3EXTd2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and authatt dereference its result without a NULL check. keyiddata also dereferences akid-keyid,...
CVE-2026-58102
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...
CVE-2026-58101
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3EXTd2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and authatt dereference its result without a NULL check. keyiddata also dereferences akid-keyid,...
UBUNTU-CVE-2026-58101
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3EXTd2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and authatt dereference its result without a NULL check. keyiddata also dereferences akid-keyid,...
UBUNTU-CVE-2026-58102
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...
CVE-2026-58102
Summary of CVE-2026-58102 : Crypt::OpenSSL::X509 (Perl) versions before 2.1.3 are affected by a heap out-of-bounds read when processing long certificate extension OIDs in hv_exts. The vulnerability arises while building the extension hash through extensions(), extensions_by_long_name(), extension...
CVE-2026-58102 Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...
CVE-2026-58102 Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...
CVE-2026-58101 Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3EXTd2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and authatt dereference its result without a NULL check. keyiddata also dereferences akid-keyid,...
CVE-2026-58101
CVE-2026-58101 affects Crypt::OpenSSL::X509 before 2.1.3 for Perl. The issue arises when X509V3_EXT_d2i(ext) returns NULL if an extension fails to parse, yet basicC, ia5string, and auth_att dereference the result without a NULL check, and keyid_data dereferences akid->keyid even when the AKI s...
CVE-2026-58101 Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3EXTd2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and authatt dereference its result without a NULL check. keyiddata also dereferences akid-keyid,...