vulnerability

Red Hat: CVE-2025-22874: crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509 (Multiple Advisories)

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:C/A:N)
Published
Jun 11, 2025
Added
Jul 9, 2025
Modified
Jan 28, 2026

Description

Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.

Solutions

no-fix-redhat-rpm-packageredhat-upgrade-go-toolsetredhat-upgrade-golangredhat-upgrade-golang-binredhat-upgrade-golang-docsredhat-upgrade-golang-miscredhat-upgrade-golang-raceredhat-upgrade-golang-srcredhat-upgrade-golang-tests

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today