7.4
CVE-2026-3833
- EPSS 0.57%
- Veröffentlicht 30.04.2026 17:37:05
- Zuletzt bearbeitet 30.06.2026 03:19:14
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Hardened Images Version-
Redhat ≫ Openshift Container Platform Version4.0
Redhat ≫ Enterprise Linux Version6.0
Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Redhat ≫ Enterprise Linux Version10.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.57% | 0.427 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.4 | 2.2 | 5.2 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
|
| secalert@redhat.com | 6.5 | 3.9 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
CWE-178 Improper Handling of Case Sensitivity
The product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.
https://access.redhat.com/security/cve/CVE-2026-3833
https://bugzilla.redhat.com/show_bug.cgi?id=2445763
https://gitlab.com/gnutls/gnutls/-/issues/1803
https://access.redhat.com/errata/RHSA-2026:13274
https://access.redhat.com/errata/RHSA-2026:20611
https://access.redhat.com/errata/RHSA-2026:20613
https://access.redhat.com/errata/RHSA-2026:20612
https://access.redhat.com/errata/RHSA-2026:29197
https://access.redhat.com/errata/RHSA-2026:26319
https://access.redhat.com/errata/RHSA-2026:26409
https://access.redhat.com/errata/RHSA-2026:30004
https://access.redhat.com/errata/RHSA-2026:30849
https://access.redhat.com/errata/RHSA-2026:30850
https://access.redhat.com/errata/RHSA-2026:32962
https://access.redhat.com/errata/RHSA-2026:33125