| Summary | Oxia is a metadata store and coordination system. Prior to 0.16.2, the trustedCertPool() function in the TLS configuration only parses the first PEM block from CA certificate files. When a CA bundle contains multiple certificates (e.g., intermediate + root CA), only the first certificate is loaded. This silently breaks certificate chain validation for mTLS. This vulnerability is fixed in 0.16.2. |
|---|---|
| Publication Date | April 22, 2026, 7:16 a.m. |
| Registration Date | April 25, 2026, 4:04 a.m. |
| Last Update | April 23, 2026, 5:28 a.m. |