Описание
On Darwin, user's trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | golang | Will not fix | ||
| Red Hat OpenShift Enterprise 3 | golang | Affected | ||
| Red Hat OpenStack Platform 10 (Newton) Operational Tools | golang | Not affected | ||
| Red Hat OpenStack Platform 8 (Liberty) Operational Tools | golang | Will not fix | ||
| Red Hat OpenStack Platform 9 (Mitaka) Operational Tools | golang | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS3
2.6 Low
CVSS2
Связанные уязвимости
On Darwin, user's trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate.
On Darwin, user's trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate.
On Darwin, user's trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate.
On Darwin, user's trust preferences for root certificates were not hon ...
On Darwin, user's trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate.
EPSS
4.3 Medium
CVSS3
2.6 Low
CVSS2