GHSA-qpch-gjf6-c9gfLowCVSS 5.3

A CRL critical extension bypass exists in ParseCRL_Extensions where critical extensions are not...

Published
June 25, 2026
Last Modified
June 27, 2026

🔗 CVE IDs covered (1)

📋 Description

A CRL critical extension bypass exists in ParseCRL_Extensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This only affects builds with CRL support enabled and where a crafted CRL had a trusted signature when parsed.

🔗 References (4)