VDB
DEBIAN-CVE-2024-45341
DEBIAN-CVE-2024-45341
PUBLISHED
CVSS 6.099999904632568 MEDIUM
A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs.
Risk Scores
CVSS 3.1
6.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | golang-1.24 | 0, 0 |
| Debian:12 | golang-1.19 | 1.19.11-1, 1.19.12-1, 1.19.12-2 |
| Debian:11 | golang-1.15 | 1.15.15-1~deb11u2, 1.15.15-1~deb11u3, 1.15.15-1~deb11u4 |
Exploit Intelligence
- yet-another-sort-grype.html (github-poc)
Timeline
- Jan 28, 2025 CVE Published
- Apr 28, 2026 CVE Updated