CVE-2026-4428 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a r…
Critical CVSS: 9.1

CVE-2026-4428

A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate revocation checks.

To remediate this issue, users should upgrade to AWS-LC 1.71.0 or AWS-LC-FIPS-3.3.0.
Vendor
-
Product
-
CWE
CWE-299
Yayın Tarihi
2026-03-19 21:17:14
Güncelleme
2026-03-20 13:39:46
Source Identifier
ff89ba41-3aa1-4d27-914a-91399e9639e5
KEV Date Added
-

Kategoriler

CWE-299 CRITICAL 2026

Referanslar

https://aws.amazon.com/security/security-bulletins/2026-010-AWS/ https://github.com/aws/aws-lc/releases/tag/v1.71.0