JLSEC-2026-699

Source
https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2026/JLSEC-2026-699.md
Import Source
https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-699.json
JSON Data
https://api.osv.dev/v1/vulns/JLSEC-2026-699
Upstream
  • EUVD-2026-39496
  • GHSA-wrw6-8jh4-qvcx
Published
2026-07-14T21:41:35.775Z
Modified
2026-07-14T21:50:16.164149034Z
Severity
  • 8.2 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
X.509 trust-chain bypass (path-depth exhaustion) in the OpenSSL compatibility certificate...
Details

X.509 trust-chain bypass (path-depth exhaustion) in the OpenSSL compatibility certificate verifier (wolfSSLX509verifycert()). This affects only builds with --enable-opensslextra whose application calls X509verifycert() with caller-supplied untrusted intermediates; for those users it is critical, otherwise the library is unaffected. Native wolfSSL TLS/DTLS usage is not impacted. X509verifycert() returned success based only on the last verified link rather than on reaching a trust anchor: when the supplied chain is deeper than the verifier's maximum path depth (default 100), path building runs out of depth while still walking untrusted intermediates and the chain is accepted even though it never reaches a configured trust anchor, allowing acceptance of an attacker-controlled certificate. The default TLS handshake (WOLFSSLVERIFY_PEER) is not affected; only applications doing manual or deferred verification through this API are.

Database specific
{
    "sources": [
        {
            "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11999",
            "modified": "2026-06-26T16:50:28.077Z",
            "imported": "2026-07-14T21:22:49.451Z",
            "published": "2026-06-25T18:16:37.613Z",
            "id": "CVE-2026-11999",
            "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-11999",
            "database_specific": {
                "status": "Analyzed"
            }
        },
        {
            "modified": "2026-06-26T18:34:50Z",
            "imported": "2026-07-14T21:23:01.620Z",
            "published": "2026-06-25T18:30:41Z",
            "id": "GHSA-wrw6-8jh4-qvcx",
            "url": "https://api.github.com/advisories/GHSA-wrw6-8jh4-qvcx",
            "html_url": "https://github.com/advisories/GHSA-wrw6-8jh4-qvcx"
        },
        {
            "html_url": "https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-39496",
            "imported": "2026-07-14T21:22:51.522Z",
            "published": "2026-06-25T16:56:14Z",
            "id": "EUVD-2026-39496",
            "modified": "2026-06-25T17:56:41Z",
            "url": "https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2026-39496"
        }
    ],
    "license": "CC-BY-4.0"
}
References

Affected packages

Julia / wolfSSL_jll

Package

Name
wolfSSL_jll
Purl
pkg:julia/wolfSSL_jll?uuid=98c43586-9870-5ae5-ab22-acc77b9bbdb5

Affected ranges

Type
SEMVER
Events
Introduced
5.8.4+0
Fixed
5.9.2+0

Database specific

source
"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-699.json"