GHSA-m8r2-qgr6-4gqmMediumCVSS 5.3

Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A...

Published
June 25, 2026
Last Modified
June 26, 2026

🔗 CVE IDs covered (1)

📋 Description

Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted.

🔗 References (4)