4 matches found
CVE-2026-5188
CVE-2026-5188 describes an integer underflow in wolfSSL when parsing the SAN extension of X.509 certificates. A malformed certificate may specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This vulnerability is limited to config...
OPENSUSE-SU-2020:1459-1 Security update for openldap2
This update for openldap2 fixes the following issues: - bsc1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125. This update was imported from the SUSE:SLE-15:Update update project...
SUSE SLED15 / SLES15 Security Update : openldap2 (SUSE-SU-2020:2581-1)
This update for openldap2 fixes the following issues : bsc1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...
php: hostname check bypassing vulnerability in SSL client
The opensslx509parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL...