Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
24/10/2019
by Golang
5 months ago
by Arista
10 months ago
by Redhat
2 years ago
by Arista
2 years ago
by Fedoraproject
a month ago
by Debian
2 months ago
by Redhat
2 months ago
by Redhat
3 months ago
by Arista
5 months ago
by Opensuse
7 months ago
by Arista
8 months ago