crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints (CVE-2026-9648)
critical-cve-against-dependency · active
The crypton-x509-validation Haskell library does not enforce X.509 NameConstraints, so TLS clients may accept certificates whose Subject Alternative Names fall outside an issuing CA's permitted subtrees. An attacker who compromises a name-constrained sub-CA could exploit this to impersonate domains beyond that CA's intended scope.
Affected packages
- mavencrypton-x509-validation
Sources
- ghsahttps://github.com/advisories/GHSA-7jx5-vvgh-vcjw
- nvdhttps://nvd.nist.gov/vuln/detail/CVE-2026-9648
- ghsahttps://github.com/haskell/security-advisories/pull/332
- ghsahttps://github.com/kazu-yamamoto/crypton-certificate/pull/30
- ghsahttps://github.com/kazu-yamamoto/crypton-certificate/pull/30/changes/f4b77edf6ead77f4a886da40e41eab20f0180e39
- ghsahttps://hackage.haskell.org/package/crypton-x509-validation-1.9.1/revisions
- ghsahttps://www.kb.cert.org/vuls/id/862559