Common Weakness Enumeration

CWE-295

Allowed

Improper Certificate Validation

Abstraction: Base · Status: Draft

The product does not validate, or incorrectly validates, a certificate.

1908 vulnerabilities reference this CWE, most recent first.

GHSA-GX75-Q38P-6X2Q

Vulnerability from github – Published: 2022-05-17 02:39 – Updated: 2025-04-20 03:39
VLAI
Details

The "Charlevoix State Bank" by Charlevoix State Bank app 3.0.1 -- aka charlevoix-state-bank/id1128963717 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9583"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-16T12:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The \"Charlevoix State Bank\" by Charlevoix State Bank app 3.0.1 -- aka charlevoix-state-bank/id1128963717 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.",
  "id": "GHSA-gx75-q38p-6x2q",
  "modified": "2025-04-20T03:39:13Z",
  "published": "2022-05-17T02:39:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9583"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/%40chronic_9612/advisory-44-credit-union-apps-for-ios-may-allow-login-credential-exposure-4d2f380b85c5"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@chronic_9612/advisory-44-credit-union-apps-for-ios-may-allow-login-credential-exposure-4d2f380b85c5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GXQ5-79M2-GVVQ

Vulnerability from github – Published: 2022-12-15 21:30 – Updated: 2022-12-20 15:22
VLAI
Summary
Apache Bookkeeper vulnerable to Improper Certificate Validation
Details

The Apache Bookkeeper Java Client (before 4.14.6 and also 4.15.0) does not close the connection to the bookkeeper server when TLS hostname verification fails. This leaves the bookkeeper client vulnerable to a man in the middle attack. The problem affects BookKeeper client prior to versions 4.14.6 and 4.15.1.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.bookkeeper:bookkeeper-common"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.14.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.bookkeeper:bookkeeper-common"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.15.0"
            },
            {
              "fixed": "4.15.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.15.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2022-32531"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-15T23:33:41Z",
    "nvd_published_at": "2022-12-15T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The Apache Bookkeeper Java Client (before 4.14.6 and also 4.15.0) does not close the connection to the bookkeeper server when TLS hostname verification fails. This leaves the bookkeeper client vulnerable to a man in the middle attack. The problem affects BookKeeper client prior to versions 4.14.6 and 4.15.1.",
  "id": "GHSA-gxq5-79m2-gvvq",
  "modified": "2022-12-20T15:22:58Z",
  "published": "2022-12-15T21:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32531"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/bookkeeper"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/apache-bookkeeper-client/PYSEC-2022-43060.yaml"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/xyk2lfc7lzof8mksmwyympbqxts1b5s9"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache Bookkeeper vulnerable to Improper Certificate Validation"
}

GHSA-H289-X5WC-XCV8

Vulnerability from github – Published: 2022-02-16 22:56 – Updated: 2024-05-20 21:13
VLAI
Summary
Improper Validation of Certificate with Host Mismatch in mellium.im/xmpp/websocket
Details

Impact

If no TLS configuration is provided by the user, the websocket package constructs its own TLS configuration using recommended defaults. When looking up a WSS endpoint using the DNS TXT record method described in XEP-0156: Discovering Alternative XMPP Connection Methods the ServerName field was incorrectly being set to the name of the server returned by the TXT record request, not the name of the initial server we were attempting to connect to. This means that any attacker that can spoof a DNS record (ie. in the absence of DNSSEC, DNS-over-TLS, DNS-over-HTTPS, or similar technologies) could redirect the user to a server of their choosing and as long as it had a valid TLS certificate for itself the connection would succeed, resulting in a MITM situation.

Patches

All users should upgrade to v0.21.1.

Workarounds

To work around the issue, manually specify a TLS configuration with the correct hostname.

References

  • https://mellium.im/cve/cve-2022-24968/
  • https://nvd.nist.gov/vuln/detail/CVE-2022-24968

For more information

If you have any questions or comments about this advisory: * Reach out on XMPP to sam@samwhited.com * Email us at sam@samwhited.com

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "mellium.im/xmpp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.18.0"
            },
            {
              "fixed": "0.21.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-24968"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-02-16T22:56:21Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nIf no TLS configuration is provided by the user, the websocket package constructs its own TLS configuration using recommended defaults. When looking up a WSS endpoint using the DNS TXT record method described in [XEP-0156: Discovering Alternative XMPP Connection Methods](https://xmpp.org/extensions/xep-0156.html) the ServerName field was incorrectly being set to the name of the server returned by the TXT record request, not the name of the initial server we were attempting to connect to. This means that any attacker that can spoof a DNS record (ie. in the absence of DNSSEC, DNS-over-TLS, DNS-over-HTTPS, or similar technologies) could redirect the user to a server of their choosing and as long as it had a valid TLS certificate for itself the connection would succeed, resulting in a MITM situation.\n\n### Patches\n\nAll users should upgrade to v0.21.1.\n\n### Workarounds\n\nTo work around the issue, manually specify a TLS configuration with the correct hostname.\n\n### References\n\n- https://mellium.im/cve/cve-2022-24968/\n- https://nvd.nist.gov/vuln/detail/CVE-2022-24968\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Reach out on XMPP to [sam@samwhited.com](xmpp:sam@samwhited.com?msg)\n* Email us at [sam@samwhited.com](mailto:sam@samwhited.com)\n",
  "id": "GHSA-h289-x5wc-xcv8",
  "modified": "2024-05-20T21:13:34Z",
  "published": "2022-02-16T22:56:21Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/mellium/xmpp/security/advisories/GHSA-h289-x5wc-xcv8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24968"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mellium/xmpp/pull/260"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mellium/xmpp/commit/0d92aa486da69b71f2f4a30e62aa722c711b98ac"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mellium/xmpp"
    },
    {
      "type": "WEB",
      "url": "https://mellium.im/cve/cve-2022-24968"
    },
    {
      "type": "WEB",
      "url": "https://mellium.im/issue/259"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2022-0370"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Validation of Certificate with Host Mismatch in mellium.im/xmpp/websocket"
}

GHSA-H28G-F96V-JHRG

Vulnerability from github – Published: 2022-05-24 17:24 – Updated: 2022-11-29 03:30
VLAI
Details

** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation ".roa" files or X509 Certificate Revocation List files from the RPKI relying party's view. NOTE: some third parties may regard this as a preferred behavior, not a vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-16164"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-07-30T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation \".roa\" files or X509 Certificate Revocation List files from the RPKI relying party\u0027s view. NOTE: some third parties may regard this as a preferred behavior, not a vulnerability.",
  "id": "GHSA-h28g-f96v-jhrg",
  "modified": "2022-11-29T03:30:25Z",
  "published": "2022-05-24T17:24:43Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/RIPE-NCC/rpki-validator-3/security/advisories/GHSA-q76j-58cx-wp5v"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16164"
    },
    {
      "type": "WEB",
      "url": "https://github.com/RIPE-NCC/rpki-validator-3/issues/158"
    },
    {
      "type": "WEB",
      "url": "https://github.com/RIPE-NCC/rpki-validator-3/issues/232"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H2FW-QH29-9JV7

Vulnerability from github – Published: 2022-05-24 17:00 – Updated: 2024-03-21 03:33
VLAI
Details

systemd 239 through 243 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation with the GnuTLS backend.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-21029"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-30T22:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "systemd 239 through 243 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation with the GnuTLS backend.",
  "id": "GHSA-h2fw-qh29-9jv7",
  "modified": "2024-03-21T03:33:41Z",
  "published": "2022-05-24T17:00:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-21029"
    },
    {
      "type": "WEB",
      "url": "https://github.com/systemd/systemd/issues/9397"
    },
    {
      "type": "WEB",
      "url": "https://github.com/systemd/systemd/pull/13870"
    },
    {
      "type": "WEB",
      "url": "https://blog.cloudflare.com/dns-encryption-explained"
    },
    {
      "type": "WEB",
      "url": "https://github.com/systemd/systemd/blob/v239/man/resolved.conf.xml#L199-L207"
    },
    {
      "type": "WEB",
      "url": "https://github.com/systemd/systemd/blob/v243/man/resolved.conf.xml#L196-L207"
    },
    {
      "type": "WEB",
      "url": "https://github.com/systemd/systemd/blob/v243/src/resolve/resolved-dnstls-gnutls.c#L62-L63"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NLJVOJMB6ANDILRLDZK26YGLYBEPHKY"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4NLJVOJMB6ANDILRLDZK26YGLYBEPHKY"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20191122-0002"
    },
    {
      "type": "WEB",
      "url": "https://tools.ietf.org/html/rfc7858#section-4.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H2MX-PPVP-V2RQ

Vulnerability from github – Published: 2026-02-23 18:32 – Updated: 2026-02-23 21:31
VLAI
Details

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTPS request options when 'jx_obj.IsSecure' is true

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-70045"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-23T16:29:36Z",
    "severity": "HIGH"
  },
  "details": "An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certificate validation by setting \u0027rejectUnauthorized\u0027: false in HTTPS request options when \u0027jx_obj.IsSecure\u0027 is true",
  "id": "GHSA-h2mx-ppvp-v2rq",
  "modified": "2026-02-23T21:31:26Z",
  "published": "2026-02-23T18:32:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-70045"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/zcxlighthouse/bd5852a409c97438016f2c476f8461d9"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jxcore"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jxcore/jxm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H2Q8-MVPC-6J4J

Vulnerability from github – Published: 2023-03-25 00:30 – Updated: 2023-03-30 18:30
VLAI
Details

ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-45597"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-24T23:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation.",
  "id": "GHSA-h2q8-mvpc-6j4j",
  "modified": "2023-03-30T18:30:31Z",
  "published": "2023-03-25T00:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45597"
    },
    {
      "type": "WEB",
      "url": "https://www.componentspace.com/documentation/saml-for-asp-net-core/ComponentSpace%20SAML%20for%20ASP.NET%20Core%20Release%20Notes.pdf"
    },
    {
      "type": "WEB",
      "url": "http://componentspace.com"
    },
    {
      "type": "WEB",
      "url": "http://componentspacesaml2.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H2R9-R9V2-FVWP

Vulnerability from github – Published: 2022-03-29 00:01 – Updated: 2022-04-05 00:00
VLAI
Details

An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab does not validate SSL certificates for some of external CI services which makes it possible to perform MitM attacks on connections to these external services.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-0123"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-28T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab does not validate SSL certificates for some of external CI services which makes it possible to perform MitM attacks on connections to these external services.",
  "id": "GHSA-h2r9-r9v2-fvwp",
  "modified": "2022-04-05T00:00:49Z",
  "published": "2022-03-29T00:01:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0123"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0123.json"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/296632"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H32X-W4CV-WRQ9

Vulnerability from github – Published: 2022-05-24 17:38 – Updated: 2022-05-24 17:38
VLAI
Details

A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file's ID is 'unknown'. The validation of the certificate whether CN and hostname are matching stopped working and allow connecting to the back-end work. The highest threat from this vulnerability is to data integrity.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-25680"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-07T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file\u0027s ID is \u0027unknown\u0027. The validation of the certificate whether CN and hostname are matching stopped working and allow connecting to the back-end work. The highest threat from this vulnerability is to data integrity.",
  "id": "GHSA-h32x-w4cv-wrq9",
  "modified": "2022-05-24T17:38:11Z",
  "published": "2022-05-24T17:38:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25680"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892703"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-H355-32PF-P2XM

Vulnerability from github – Published: 2026-02-05 18:30 – Updated: 2026-02-06 18:30
VLAI
Details

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-68121"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-05T18:16:10Z",
    "severity": "MODERATE"
  },
  "details": "During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.",
  "id": "GHSA-h355-32pf-p2xm",
  "modified": "2026-02-06T18:30:31Z",
  "published": "2026-02-05T18:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
    },
    {
      "type": "WEB",
      "url": "https://go.dev/cl/737700"
    },
    {
      "type": "WEB",
      "url": "https://go.dev/issue/77217"
    },
    {
      "type": "WEB",
      "url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2026-4337"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.

Mitigation
Implementation

If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.

CAPEC-459: Creating a Rogue Certification Authority Certificate

An adversary exploits a weakness resulting from using a hashing algorithm with weak collision resistance to generate certificate signing requests (CSR) that contain collision blocks in their "to be signed" parts. The adversary submits one CSR to be signed by a trusted certificate authority then uses the signed blob to make a second certificate appear signed by said certificate authority. Due to the hash collision, both certificates, though different, hash to the same value and so the signed blob works just as well in the second certificate. The net effect is that the adversary's second X.509 certificate, which the Certification Authority has never seen, is now signed and validated by that Certification Authority.

CAPEC-475: Signature Spoofing by Improper Validation

An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.