Go Programming Language - (bulletinjan2019)| ID: oval:org.secpod.oval:def:2103458 | Date: (C)2019-12-31 (M)2022-10-10 |
| Class: PATCH | Family: unix |
Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.
| Product: |
| library/golang/tour |
| library/golang/tour-17 |
| library/golang/tools |
| library/golang/tools-17 |
| library/golang/text |
| library/golang/text-17 |
| library/golang/sys |
| library/golang/sys-17 |
| library/golang/net |
| library/golang/net-17 |
| library/golang/lint |
| library/golang/lint-17 |
| library/golang/image |
| library/golang/image-17 |
| library/golang/crypto |
| library/golang/crypto-17 |
| developer/golang |
| developer/golang-17 |
