CVE-2026-9648

Name: CVE-2026-9648
Description: The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS clients to accept certificates whose Subject Alternative Names fall outside the issuing CA's permitted subtrees. This oversight enables an attacker who compromises a name-constrained sub-CA to impersonate domains beyond its intended scope.
Source: CVE (NVD)
Debian Bugs: 1139732, 1140406
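The check the description says is missing, shown as an added example in Python (this is not code from crypton-x509-validation or from the Debian packages above). It implements the RFC 5280 section 4.2.1.10 dNSName subtree rule, accumulates permitted and excluded subtrees down a chain, and contrasts a validator that only matches the hostname against the leaf SAN (the advisory's failure mode) with one that also enforces the issuing CA's constraints. The Cert and NameConstraints records, the function names and the sample chain (a root that delegates example.com to a sub-CA, and a leaf from that sub-CA also claiming bank.example.org) are all constructed here for illustration.

```python
"""RFC 5280 section 4.2.1.10 name-constraint enforcement for dNSName SANs.

Added example for this advisory; not code from crypton-x509-validation.
The Cert/NameConstraints records and the sample chains are constructed here.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


def dns_in_subtree(name: str, constraint: str) -> bool:
    """A dNSName constraint 'example.com' covers 'example.com' and every
    subdomain ('www.example.com'), but not 'badexample.com'. A constraint
    with a leading '.' (accepted by common validators) covers subdomains only."""
    name = name.lower().rstrip(".")
    constraint = constraint.lower().rstrip(".")
    if constraint.startswith("."):
        return name.endswith(constraint)
    return name == constraint or name.endswith("." + constraint)


def hostname_matches(hostname: str, san: str) -> bool:
    """Exact match, or a single leftmost-label wildcard (RFC 6125 style)."""
    hostname, san = hostname.lower(), san.lower()
    if san.startswith("*."):
        labels = hostname.split(".")
        return len(labels) > 1 and ".".join(labels[1:]) == san[2:]
    return hostname == san


@dataclass
class NameConstraints:
    permitted: List[str] = field(default_factory=list)  # dNSName subtrees
    excluded: List[str] = field(default_factory=list)   # dNSName subtrees


@dataclass
class Cert:
    subject_cn: str
    dns_sans: List[str]
    name_constraints: Optional[NameConstraints] = None  # set on CA certs only


def check_name_constraints(chain: List[Cert]) -> List[str]:
    """chain is ordered leaf first, root last. Every dNSName in every
    certificate must satisfy the constraints of every CA above it, so
    constraints accumulate down the chain. Returns the list of violations;
    one violating SAN invalidates the whole certificate, not just that name."""
    violations = []
    for i, cert in enumerate(chain):
        for ca in chain[i + 1:]:
            nc = ca.name_constraints
            if nc is None:
                continue
            for san in cert.dns_sans:
                if any(dns_in_subtree(san, ex) for ex in nc.excluded):
                    violations.append(f"{san}: excluded by {ca.subject_cn}")
                elif nc.permitted and not any(dns_in_subtree(san, p)
                                              for p in nc.permitted):
                    violations.append(f"{san}: not permitted by {ca.subject_cn}")
    return violations


def validate(chain: List[Cert], hostname: str,
             enforce_name_constraints: bool = True) -> Tuple[bool, List[str]]:
    """Hostname check followed by name-constraint enforcement.
    enforce_name_constraints=False reproduces the advisory's failure mode:
    the hostname matches a leaf SAN, so the chain is accepted even though
    the constrained sub-CA was never allowed to issue for that name."""
    leaf = chain[0]
    if not any(hostname_matches(hostname, san) for san in leaf.dns_sans):
        return False, [f"{hostname}: no matching dNSName SAN"]
    if not enforce_name_constraints:
        return True, []
    violations = check_name_constraints(chain)
    return not violations, violations


# Constructed sample chain: the root delegates 'example.com' to a sub-CA, and
# the (compromised) sub-CA issues a leaf that also claims bank.example.org.
ROOT = Cert("Example Root CA", [])
SUB_CA = Cert("Example Constrained Sub CA", [],
              NameConstraints(permitted=["example.com"]))
ROGUE_LEAF = Cert("login.example.com",
                  ["login.example.com", "bank.example.org"])
GOOD_LEAF = Cert("login.example.com", ["login.example.com"])

ROGUE_CHAIN = [ROGUE_LEAF, SUB_CA, ROOT]
GOOD_CHAIN = [GOOD_LEAF, SUB_CA, ROOT]


if __name__ == "__main__":
    for chain, host in ((GOOD_CHAIN, "login.example.com"),
                        (ROGUE_CHAIN, "bank.example.org")):
        print(host, "unconstrained validator:",
              validate(chain, host, enforce_name_constraints=False))
        print(host, "constrained validator:", validate(chain, host))
```

With enforcement off, the rogue chain is accepted for bank.example.org because the hostname check alone succeeds; with enforcement on it is rejected, and it is rejected even when the client asked for login.example.com, since a certificate containing any out-of-subtree SAN is invalid under the sub-CA's constraints. A real validator also has to apply the same rule to the other name forms (rfc822Name, iPAddress, directoryName) and to subject names, which this illustration leaves out.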

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package                          Release      Version    Status
haskell-crypton-x509 (PTS)              trixie       1.7.7-1    vulnerable
haskell-crypton-x509 (PTS)              forky, sid   1.7.7-2    vulnerable
haskell-crypton-x509-validation (PTS)   trixie       1.6.12-3   vulnerable
haskell-crypton-x509-validation (PTS)   forky, sid   1.6.14-1   vulnerable

The information below is based on the following data on fixed versions.

Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs
haskell-crypton-x509 | source | (unstable) | (unfixed) | | | 1140406
haskell-crypton-x509-validation | source | (unstable) | (unfixed) | | | 1139732

Notes

[trixie] - haskell-crypton-x509 <no-dsa> (Minor issue)
[trixie] - haskell-crypton-x509-validation <no-dsa> (Minor issue)
https://www.kb.cert.org/vuls/id/862559
https://github.com/kazu-yamamoto/crypton-certificate/pull/30
Fixed by: https://github.com/kazu-yamamoto/crypton-certificate/commit/f4b77edf6ead77f4a886da40e41eab20f0180e39 (crypton-x509-validation-1.9.1)
https://haskell.github.io/security-advisories/advisory/HSEC-2026-0008.html
