Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.
{ "cpes": [ "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*" ], "severity": "High" }