Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2026-32281

Опубликовано: 08 апр. 2026
Источник: debian
EPSS Низкий

Описание

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
golang-1.26fixed1.26.2-1package
golang-1.25fixed1.25.9-1package
golang-1.24removedpackage
golang-1.24no-dsatrixiepackage
golang-1.19removedpackage
golang-1.19no-dsabookwormpackage
golang-1.15removedpackage
golang-1.15postponedbullseyepackage

Примечания

  • https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU

  • https://github.com/golang/go/issues/78281

  • https://go-review.googlesource.com/c/go/+/758061

  • Fixed by: https://github.com/golang/go/commit/8028a514303f7cbc818094c05df33d1bbb3adb5a (go1.26.2)

  • Fixed by: https://github.com/golang/go/commit/210b8112b1bacef207c8064551ad5d2665203a8c (go1.25.9)

EPSS

Процентиль: 27%
0.00349
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2026-32281

CVSS3: 7.5
ubuntu
3 месяца назад

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

redhat логотип

CVE-2026-32281

CVSS3: 5.9
redhat
3 месяца назад

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

nvd логотип

CVE-2026-32281

CVSS3: 7.5
nvd
3 месяца назад

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

msrc логотип

CVE-2026-32281

msrc
2 месяца назад

Inefficient policy validation in crypto/x509

rocky логотип

RLSA-2026:27740

rocky
3 дня назад

Moderate: golang-github-openprinting-ipp-usb security update

EPSS

Процентиль: 27%
0.00349
Низкий