Описание
Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| impish | ignored | end of life |
| jammy | not-affected | MacOS-specific |
| kinetic | DNE | |
| lunar | DNE | |
| trusty | ignored | end of standard support |
| upstream | not-affected | debian: MacOS-specific |
| xenial | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | MacOS-specific |
| devel | DNE | |
| focal | not-affected | MacOS-specific |
| jammy | not-affected | MacOS-specific |
| kinetic | DNE | |
| lunar | DNE | |
| trusty | ignored | end of standard support |
| upstream | not-affected | debian: MacOS-specific |
| xenial | ignored | end of standard support |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.
Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be ca ...
Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.
ELSA-2022-17956: go-toolset:ol8addon security update (IMPORTANT)
EPSS
5 Medium
CVSS2
7.5 High
CVSS3