rustls-webpki Flaw Accepted Unauthorized URI Name Constraints in Certificate Validation
A validation defect in the rustls-webpki cryptographic library allowed name constraints for URI names to be incorrectly accepted, which in TLS handshake contexts could let a misissued certificate pass validation that name constraints should have blocked. The vulnerability, tracked as RUSTSEC-2026-0098 and linked to GHSA-965h-392x-2mh5, was discovered and responsibly disclosed by researcher @1seal.
The flaw specifically caused URI name constraints to be ignored during certificate path validation rather than properly enforced. According to the project's security advisory, the library did not provide a public API for asserting URI names, and URI name constraints were otherwise unimplemented in the codebase. As a mitigation measure, URI name constraints are now unconditionally rejected regardless of their content or origin. Version 0.103.10 is confirmed vulnerable; users must upgrade to 0.103.12 or later, or to version 0.104.0-alpha.6 or newer.
The project's maintainers emphasized that exploitation remains constrained by two significant preconditions. Since name constraints are restrictions on already-issued certificates, the vulnerable code is reachable only after the certificate's signature has been verified. Additionally, active exploitation would require a misissued certificate, a scenario that depends on compromise of a certificate authority or related infrastructure. Organizations relying on rustls-webpki for TLS certificate validation should prioritize patching given the library's role in securing network communications across Rust-based server and client implementations.
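To make the difference between the defective handling and the fix concrete, here is an added example in Rust. It is not rustls-webpki's code: it is a small model of RFC 5280 name-constraint checking that knows only dNSName and URI subtrees, with constructed names. It shows the fail-open behaviour the advisory describes (URI constraints silently skipped), the fail-closed fix (any URI constraint rejects the certificate), and the ordering point from the maintainers (name constraints are consulted only after signature verification, modelled here as a boolean input rather than real signature checking).

```rust
/// Subject names from a subjectAltName extension. Model only: real
/// certificates carry more name types, which this example omits.
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum GeneralName {
    Dns(String),
    Uri(String),
}

/// Permitted and excluded subtrees from a CA's nameConstraints extension.
#[derive(Debug, Clone, Default)]
pub struct NameConstraints {
    pub permitted: Vec<GeneralName>,
    pub excluded: Vec<GeneralName>,
}

#[derive(Debug, PartialEq, Eq)]
pub enum PathError {
    BadSignature,
    NameNotPermitted(String),
    NameExcluded(String),
    /// A constraint of a type this checker does not implement (here: URI).
    UnsupportedConstraint(String),
}

/// How to treat a constraint of a type the checker cannot evaluate.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum UnsupportedPolicy {
    /// Fail-open: skip the constraint (the defective behaviour).
    Ignore,
    /// Fail-closed: reject the certificate (the fixed behaviour).
    Reject,
}

/// dNSName subtree match: the subtree "example.com" covers "example.com"
/// and every label below it; a leading "." is tolerated.
fn dns_in_subtree(name: &str, subtree: &str) -> bool {
    let base = subtree.trim_start_matches('.').to_ascii_lowercase();
    let name = name.to_ascii_lowercase();
    name == base || name.ends_with(&format!(".{}", base))
}

/// Check every leaf name against one issuer's constraints.
pub fn check_name_constraints(
    san: &[GeneralName],
    constraints: &NameConstraints,
    policy: UnsupportedPolicy,
) -> Result<(), PathError> {
    // Unevaluable constraint types are decided first, so the outcome does
    // not depend on which names the leaf happens to carry.
    for c in constraints.permitted.iter().chain(constraints.excluded.iter()) {
        if let GeneralName::Uri(u) = c {
            match policy {
                UnsupportedPolicy::Ignore => continue,
                UnsupportedPolicy::Reject => {
                    return Err(PathError::UnsupportedConstraint(u.clone()))
                }
            }
        }
    }
    let permitted_dns: Vec<&str> = constraints.permitted.iter()
        .filter_map(|c| match c { GeneralName::Dns(d) => Some(d.as_str()), _ => None })
        .collect();
    let excluded_dns: Vec<&str> = constraints.excluded.iter()
        .filter_map(|c| match c { GeneralName::Dns(d) => Some(d.as_str()), _ => None })
        .collect();
    for name in san {
        // URI SANs are never asserted by this checker, mirroring the advisory,
        // so only dNSName entries are compared against subtrees.
        if let GeneralName::Dns(d) = name {
            if excluded_dns.iter().any(|s| dns_in_subtree(d, *s)) {
                return Err(PathError::NameExcluded(d.clone()));
            }
            if !permitted_dns.is_empty() && !permitted_dns.iter().any(|s| dns_in_subtree(d, *s)) {
                return Err(PathError::NameNotPermitted(d.clone()));
            }
        }
    }
    Ok(())
}

/// Ordering from the advisory: name constraints restrict an already-issued
/// certificate, so they are consulted only once the issuer's signature over
/// the leaf has verified (`signature_ok` stands in for that check).
pub fn validate_leaf(
    signature_ok: bool,
    san: &[GeneralName],
    issuer_constraints: &NameConstraints,
    policy: UnsupportedPolicy,
) -> Result<(), PathError> {
    if !signature_ok {
        return Err(PathError::BadSignature);
    }
    check_name_constraints(san, issuer_constraints, policy)
}

fn main() {
    // Constructed issuer: permitted to issue for example.com, plus a URI
    // subtree the checker cannot evaluate.
    let ca = NameConstraints {
        permitted: vec![GeneralName::Dns("example.com".into()), GeneralName::Uri(".example.com".into())],
        excluded: vec![],
    };
    let leaf = vec![GeneralName::Dns("www.example.com".into())];
    println!("ignore: {:?}", validate_leaf(true, &leaf, &ca, UnsupportedPolicy::Ignore));
    println!("reject: {:?}", validate_leaf(true, &leaf, &ca, UnsupportedPolicy::Reject));
}
```

The point of the `Reject` arm is that a checker which cannot evaluate a constraint cannot know whether the issuer meant to forbid the leaf's names, so the only safe answer is to refuse the path; skipping the constraint, as the defective version did, turns an unimplemented feature into a fail-open policy.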