The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.

The crypto/tls package of Go through 1.16.5 does not properly assert t ...

Security update for go1.15

Security update for go1.16

Security update for go1.15

Security update for go1.16

Security update for go1.15

Security update for go1.16

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.

Уязвимость пакета crypto/tls языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании

ELSA-2021-3076: go-toolset:ol8 security, bug fix, and enhancement update (MODERATE)

ELSA-2021-4226: grafana security, bug fix, and enhancement update (MODERATE)

ELSA-2022-7954: podman security and bug fix update (MODERATE)

ELSA-2024-2988: container-tools:ol8 security update (MODERATE)