If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls

If one side of the TLS connection sends multiple key update messages p ...

When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

Уязвимость пакета crypto/x509 языка программирования Go, позволяющая нарушителю проводить атаки типа "человек посередине"

Уязвимость golang

Important: go-fdo-client security update

Important: grafana-pcp security update

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

ELSA-2026-11881: grafana-pcp security update (IMPORTANT)

Уязвимость языка программирования Go, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость golang

Important: go-fdo-server security update

Important: yggdrasil security update