{"id":"CLEANSTART-2026-TS42581","summary":"Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate","details":"Multiple security vulnerabilities affect the chartmuseum-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.","modified":"2026-02-20T17:15:37.159250Z","published":"2026-01-30T15:29:23.600518Z","upstream":["CVE-2025-58183","CVE-2025-58185","CVE-2025-58187","CVE-2025-58188","CVE-2025-58189","CVE-2025-61723","CVE-2025-61724","CVE-2025-61725","CVE-2025-61727","CVE-2025-61729","GHSA-2c4m-59x9-fr2g","GHSA-3vp4-m3rf-835h","GHSA-4hfp-h4cw-hj8p","GHSA-53c4-hhmh-vw5q","GHSA-557j-xg8c-q2mm","GHSA-5xqw-8hwv-wg92","GHSA-67fx-wx78-jx33","GHSA-f9f8-9pmf-xv68","GHSA-mh63-6h87-95cp","GHSA-r53h-jv2g-vpx6","GHSA-v53g-5gjp-272r"],"database_specific":{},"references":[{"type":"ADVISORY","url":"https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-TS42581.json"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-58183"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-58185"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-58187"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-58188"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-58189"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-61723"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-61724"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-61725"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-61727"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-61729"},{"type":"WEB","url":"https://osv.dev/vulnerability/GHSA-2c4m-59x9-fr2g"},{"type":"WEB","url":"https://osv.dev/vulnerability/GHSA-3vp4-m3rf-835h"},{"type":"WEB","url":"https://osv.dev/vulnerability/GHSA-4hfp-h4cw-hj8p"},{"type":"WEB","url":"https://osv.dev/vulnerability/GHSA-53c4-hhmh-vw5q"},{"type":"WEB","url":"https://osv.dev/vulnerability/GHSA-557j-xg8c-q2mm"},{"type":"WEB","url":"https://osv.dev/vulnerability/GHSA-5xqw-8hwv-wg92"},{"type":"WEB","url":"https://osv.dev/vulnerability/GHSA-67fx-wx78-jx33"},{"type":"WEB","url":"https://osv.dev/vulnerability/GHSA-f9f8-9pmf-xv68"},{"type":"WEB","url":"https://osv.dev/vulnerability/GHSA-mh63-6h87-95cp"},{"type":"WEB","url":"https://osv.dev/vulnerability/GHSA-r53h-jv2g-vpx6"},{"type":"WEB","url":"https://osv.dev/vulnerability/GHSA-v53g-5gjp-272r"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58183"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58185"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58187"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58188"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58189"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-61723"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-61724"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-61725"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-61727"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-61729"}],"affected":[{"package":{"name":"chartmuseum-fips","ecosystem":"CleanStart"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.15.0-r4"}]}],"database_specific":{"source":"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-TS42581.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}