3 matches found
SUSE CVE-2015-3195
The ASN1TFLGCOMBINE implementation in crypto/asn1/tasndec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by...
SUSE CVE-2020-7919
Go before 1.12.16 and 1.13.x before 1.13.7 and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go allows attacks on clients resulting in a panic via a malformed X.509 certificate...
Google Go Trust Management Issues Vulnerability (CNVD-2020-33729)
Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google. A security vulnerability exists in Google Go version 1.12.16 and versions prior to 1.13.7 in versions prior to 1.13.x in crypto/cryptobyte package 0.0.0-20200124225646-8b5121be2f6...