GHSA-m8r2-qgr6-4gqmMediumCVSS 5.3
Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A...
🔗 CVE IDs covered (1)
📋 Description
Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted.