Lucene search
K

5 matches found

OSV
OSV
added 2024/03/12 8:24 a.m.18 views

BIT-GOLANG-2024-24783 Verify panics on certificates with an unknown public key algorithm in crypto/x509

Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...

5.9CVSS6.5AI score0.00667EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/03/07 12:0 a.m.50 views

Golang < 1.21.8, 1.22.x < 1.22.1 Multiple Vulnerabilities

The version of Golang running on the remote host is prior to 1.21.8 or 1.22.x prior to 1.22.1. It is, therefore, is affected by multiple vulnerabilities: - A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded. CVE-2023-45289 - Verifying a certificate chai...

7.5CVSS6.6AI score0.0108EPSS
Exploits0References8
Prion
Prion
added 2024/03/05 11:15 p.m.21 views

Design/Logic Flaw

Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...

6.7AI score0.00667EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2024/03/05 10:22 p.m.41 views

CVE-2024-24783

Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...

5.9CVSS7.4AI score0.00667EPSS
Exploits0
Debian CVE
Debian CVE
added 2024/03/05 10:22 p.m.26 views

CVE-2024-24783

Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...

5.9CVSS7.3AI score0.00667EPSS
Exploits0
Rows per page
Query Builder