K1Rnt

**Name of the Vulnerable Software and Affected Versions** versions prior to 2.3 **Description** When verifying a certificate chain with excluded DNS constraints, these constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) that differ in case. This impacts the validation of trusted certificate chains issued by a root Certificate Authority (CA) in the system or specified root certificate pool. **Recommendations** Update to a version prior to 2.3.