Go prior to 1.12.11 and 1.3.x prior to 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
golang go |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
fedoraproject fedora 30 |
||
fedoraproject fedora 31 |
||
redhat enterprise linux 8.0 |
||
redhat developer tools 1.0 |
||
redhat enterprise linux server 8.1 |
||
opensuse leap 15.0 |
||
opensuse leap 15.1 |
||
arista mos |
||
arista eos |
||
arista cloudvision portal 2019.1.2 |
||
arista cloudvision portal 2019.1.1 |
||
arista cloudvision portal 2019.1.0 |
||
arista cloudvision portal |
||
arista terminattr |