{"id":"HSEC-2026-0008","summary":"crypton-x509-validation and crypton-x509 do not enforce X.509 Name Constraints","details":"# crypton-x509-validation and crypton-x509 do not enforce X.509 Name Constraints\n\nThe `crypton-x509-validation` and `crypton-x509` libraries did not\nenforce the X.509 Name Constraints extension during certificate\nvalidation. The Name Constraints extension is a critical X.509\nextension that restricts the namespace (permitted and excluded\nsubtrees) for which a CA is authorized to issue certificates.\n\nWithout this enforcement, a TLS client would accept certificates with\nSubject Alternative Names (SANs) that fall outside the issuing CA's\npermitted subtrees. An attacker with access to a name-constrained\nsub-CA's private key could therefore issue certificates for domains\noutside the sub-CA's intended scope, enabling impersonation of\narbitrary domains and man-in-the-middle attacks on TLS connections.\n\nThe older `x509` and `x509-validation` packages are also affected but\nare no longer maintained and have no fix available.\n\nThis issue was fixed in `crypton-x509-validation-1.9.1` and\n`crypton-x509-1.9.1`.\n","aliases":["CVE-2026-9648"],"modified":"2026-06-03T13:45:42.872452373Z","published":"2026-06-03T13:30:48Z","database_specific":{"osvs":"https://raw.githubusercontent.com/haskell/security-advisories/refs/heads/generated/osv-export","home":"https://github.com/haskell/security-advisories","repository":"https://github.com/haskell/security-advisories"},"references":[{"type":"ADVISORY","url":"https://www.kb.cert.org/vuls/id/862559"},{"type":"FIX","url":"https://github.com/kazu-yamamoto/crypton-certificate/pull/30"}],"affected":[{"package":{"name":"crypton-x509-validation","ecosystem":"Hackage","purl":"pkg:hackage/crypton-x509-validation"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"1.6.12"},{"fixed":"1.9.1"}]}],"versions":["1.6.12","1.6.13","1.6.14","1.8.0","1.9.0"],"database_specific":{"source":"https://github.com/haskell/security-advisories/blob/generated/osv-export/2026/HSEC-2026-0008.json","osv":"https://raw.githubusercontent.com/haskell/security-advisories/refs/heads/generated/osv-export/2026/HSEC-2026-0008.json","human_link":"https://github.com/haskell/security-advisories/tree/main/advisories/published/2026/HSEC-2026-0008.md"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}]},{"package":{"name":"crypton-x509","ecosystem":"Hackage","purl":"pkg:hackage/crypton-x509"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"1.7.6"},{"fixed":"1.9.1"}]}],"versions":["1.7.6","1.7.7","1.8.0","1.9.0"],"database_specific":{"source":"https://github.com/haskell/security-advisories/blob/generated/osv-export/2026/HSEC-2026-0008.json","human_link":"https://github.com/haskell/security-advisories/tree/main/advisories/published/2026/HSEC-2026-0008.md","osv":"https://raw.githubusercontent.com/haskell/security-advisories/refs/heads/generated/osv-export/2026/HSEC-2026-0008.json"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}]},{"package":{"name":"x509-validation","ecosystem":"Hackage","purl":"pkg:hackage/x509-validation"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"1.4.0"}]}],"versions":["1.4.0","1.4.1","1.4.2","1.4.3","1.4.4","1.4.5","1.4.6","1.4.7","1.4.8","1.5.0","1.5.1","1.5.2","1.6.0","1.6.1","1.6.10","1.6.11","1.6.12","1.6.2","1.6.3","1.6.4","1.6.5","1.6.7","1.6.8","1.6.9"],"database_specific":{"source":"https://github.com/haskell/security-advisories/blob/generated/osv-export/2026/HSEC-2026-0008.json","osv":"https://raw.githubusercontent.com/haskell/security-advisories/refs/heads/generated/osv-export/2026/HSEC-2026-0008.json","human_link":"https://github.com/haskell/security-advisories/tree/main/advisories/published/2026/HSEC-2026-0008.md"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}]},{"package":{"name":"x509","ecosystem":"Hackage","purl":"pkg:hackage/x509"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"1.4.0"}]}],"versions":["1.4.0","1.4.1","1.4.10","1.4.11","1.4.12","1.4.13","1.4.2","1.4.3","1.4.4","1.4.5","1.4.6","1.4.7","1.4.8","1.4.9","1.5.0","1.5.0.1","1.5.1","1.6.0","1.6.1","1.6.2","1.6.3","1.6.4","1.6.5","1.7.0","1.7.1","1.7.2","1.7.3","1.7.4","1.7.5","1.7.6","1.7.7"],"database_specific":{"source":"https://github.com/haskell/security-advisories/blob/generated/osv-export/2026/HSEC-2026-0008.json","human_link":"https://github.com/haskell/security-advisories/tree/main/advisories/published/2026/HSEC-2026-0008.md","osv":"https://raw.githubusercontent.com/haskell/security-advisories/refs/heads/generated/osv-export/2026/HSEC-2026-0008.json"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}]}],"schema_version":"1.7.5"}