Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-16875

Опубликовано: 14 дек. 2018
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 7.8
CVSS3: 5.9

Описание

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needs-triage]
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

DNE

disco

ignored

end of life
eoan

DNE

esm-infra-legacy/trusty

needed

esm-infra/bionic

needed

esm-infra/focal

DNE

esm-infra/xenial

needs-triage

focal

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

not-affected

1.11.5-1ubuntu1
eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needs-triage]
esm-infra/focal

DNE

esm-infra/xenial

needs-triage

focal

DNE

groovy

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
cosmic

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-apps/bionic

needs-triage

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
cosmic

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-apps/bionic

needs-triage

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 82%
0.01689
Низкий

7.8 High

CVSS2

5.9 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-16875

CVSS3: 7.5
redhat
около 7 лет назад

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.

nvd логотип

CVE-2018-16875

CVSS3: 5.9
nvd
около 7 лет назад

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.

debian логотип

CVE-2018-16875

CVSS3: 5.9
debian
около 7 лет назад

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 d ...

github логотип

GHSA-8gx8-4ch8-vgp8

CVSS3: 7.5
github
больше 3 лет назад

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.

fstec логотип

BDU:2020-01889

CVSS3: 7.5
fstec
около 7 лет назад

Уязвимость пакета crypto/x509 языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 82%
0.01689
Низкий

7.8 High

CVSS2

5.9 Medium

CVSS3

Уязвимость CVE-2018-16875