QwikSec

Security Database

CVE

CWE

Training

CVE-2024-45341

Published: Jan 28, 2025

Modified: Feb 21, 2025

PUBLISHED

Description

A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs.

Vendor	Product	Versions
Go standard library	crypto/x509	affected `0 - < 1.22.11` affected `1.23.0-0 - < 1.23.5` affected `1.24.0-0 - < 1.24.0-rc.2`

References

https://go.dev/cl/643099

https://go.dev/issue/71156

https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ

https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ

https://pkg.go.dev/vuln/GO-2025-3373

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.