Show filters
15 Total Results
Displaying 11-15 of 15
Sort by:
Attacker Value
Unknown

CVE-2021-3114

Disclosure Date: January 26, 2021 (last updated February 22, 2025)
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-28366

Disclosure Date: November 18, 2020 (last updated February 22, 2025)
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-28362

Disclosure Date: November 18, 2020 (last updated February 22, 2025)
Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-7919

Disclosure Date: March 16, 2020 (last updated February 21, 2025)
Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-16276

Disclosure Date: September 30, 2019 (last updated November 08, 2023)
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous