Crypto Security Vulnerabilities and Issues — Crypto CVE List

Lucene search

GolangCrypto

3 matches found

CVE•added 2023/12/18 4:15 p.m.•3816 views

CVE-2023-48795

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connecti...

5.9CVSS6.7AI score0.70714EPSS

CVE•added 2019/05/09 4:29 p.m.•319 views

CVE-2019-11840

An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystream is ...

5.9CVSS5.6AI score0.02757EPSS

CVE•added 2019/05/22 5:29 p.m.•270 views

CVE-2019-11841

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The "...

5.9CVSS5.8AI score0.0039EPSS