Lucene search
K

9 matches found

RedHat Linux
RedHat Linux
added 2026/06/09 11:19 a.m.12 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/19 4:11 p.m.32 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/11 10:53 p.m.9 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/11 6:39 p.m.11 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/05/09 9:50 a.m.3 views

golang: crypto/tls: session tickets lack random ticket_age_add

A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption...

3.1CVSS6.6AI score0.0088EPSS
Exploits1References5
Snyk
Snyk
added 2023/02/16 10:24 p.m.4 views

Uncaught Exception

Overview std/crypto/tls is a Go standard library package std/crypto/tls Affected versions of this package are vulnerable to Uncaught Exception. Go Vulnerability Report: Large handshake records may cause panics in crypto/tls.Both clients and servers may send large TLS handshake records which cause...

8.7CVSS9.1AI score0.01111EPSS
Exploits0References3
OSV
OSV
added 2021/01/26 6:16 p.m.19 views

CVE-2021-3114

In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field...

6.5CVSS6.7AI score
Exploits0References8
RedHat Linux
RedHat Linux
added 2021/01/20 4:54 p.m.5 views

golang.org/x/crypto: Keystream loop in amd64 assembly when overflowing 32-bit counter

An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystream i...

5.9CVSS7.3AI score0.03437EPSS
Exploits0References5
OSV
OSV
added 2019/05/09 4:29 p.m.7 views

CVE-2019-11840

An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystream i...

5.9CVSS5.7AI score
Exploits0References11
Rows per page
Query Builder