CVE-2024-45341

Summary

A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs.

Affected Software

VendorProductVersion RangeStatus
Go standard librarycrypto/x5090 < 1.22.11affected
Go standard librarycrypto/x5091.23.0-0 < 1.23.5affected
Go standard librarycrypto/x5091.24.0-0 < 1.24.0-rc.2affected

Weaknesses

  • CWE-295: Improper Certificate Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References