Vulnerabilities

CVE-2025-61727

by Fred · 03/12/2025

An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN *.example.com.

More information : https://go.dev/cl/723900

Similar

Tags: Cybersecurity Alert