CVE-2024-45341 Information

Description

A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI so this only affects users of private PKIs which make use of URIs.

Reference

https://go.dev/cl/643099 https://go.dev/issue/71156 https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://pkg.go.dev/vuln/GO-2025-3373