CVE-2021-34558

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-34558

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-34558.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-34558

Aliases

Related

Published

2021-07-15T14:15:19Z

Modified

2024-09-18T03:15:48.159383Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.

References

Affected packages

Debian:11 / golang-1.15

Package

Name: golang-1.15
Purl: pkg:deb/debian/golang-1.15?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.15.9-6

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/golang/go

Affected ranges

Type: GIT
Repo: https://github.com/golang/go
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

c6d89dbf9954b101589e2db8e170b84167782109

Affected versions

go1.*

go1.10beta1

go1.10beta2

go1.10rc1

go1.10rc2

go1.11beta1

go1.11beta2

go1.11beta3

go1.12beta1

go1.12beta2

go1.13beta1

go1.14beta1

go1.15

go1.15.1

go1.15.10

go1.15.11

go1.15.12

go1.15.13

go1.15.2

go1.15.3

go1.15.4

go1.15.5

go1.15.6

go1.15.7

go1.15.8

go1.15.9

go1.15beta1

go1.15rc1

go1.15rc2

go1.3beta1

go1.3beta2

go1.4beta1

go1.5beta1

go1.5beta2

go1.5beta3

go1.6beta1

go1.6beta2

go1.7beta1

go1.7beta2

go1.7rc1

go1.7rc2

go1.7rc3

go1.7rc4

go1.8beta1

go1.8beta2

go1.9beta1

go1.9beta2

release.*

release.r56

Other

weekly

weekly.*

weekly.2009-11-06

weekly.2009-11-10

weekly.2009-11-10.1

weekly.2009-11-12

weekly.2009-11-17

weekly.2009-12-07

weekly.2009-12-09

weekly.2009-12-22

weekly.2010-01-05

weekly.2010-01-13

weekly.2010-01-27

weekly.2010-02-04

weekly.2010-02-17

weekly.2010-02-23

weekly.2010-03-04

weekly.2010-03-15

weekly.2010-03-22

weekly.2010-03-30

weekly.2010-04-13

weekly.2010-04-27

weekly.2010-05-04

weekly.2010-05-27

weekly.2010-06-09

weekly.2010-06-21

weekly.2010-07-01

weekly.2010-07-14

weekly.2010-07-29

weekly.2010-08-04

weekly.2010-08-11

weekly.2010-08-25

weekly.2010-09-06

weekly.2010-09-15

weekly.2010-09-22

weekly.2010-09-29

weekly.2010-10-13

weekly.2010-10-13.1

weekly.2010-10-20

weekly.2010-10-27

weekly.2010-11-02

weekly.2010-11-10

weekly.2010-11-23

weekly.2010-12-02

weekly.2010-12-08

weekly.2010-12-15

weekly.2010-12-15.1

weekly.2010-12-22

weekly.2011-01-06

weekly.2011-01-12

weekly.2011-01-19

weekly.2011-01-20

weekly.2011-02-01

weekly.2011-02-01.1

weekly.2011-02-15

weekly.2011-02-24

weekly.2011-03-07

weekly.2011-03-07.1

weekly.2011-03-15

weekly.2011-03-28

weekly.2011-04-04

weekly.2011-04-13

weekly.2011-04-27

weekly.2011-05-22

weekly.2011-06-02

weekly.2011-06-09

weekly.2011-06-16

weekly.2011-06-23

weekly.2011-07-07

weekly.2011-07-19

weekly.2011-07-29

weekly.2011-08-10

weekly.2011-08-17

weekly.2011-09-01

weekly.2011-09-07

weekly.2011-09-16

weekly.2011-09-21

weekly.2011-10-06

weekly.2011-10-18

weekly.2011-10-25

weekly.2011-10-26

weekly.2011-11-01

weekly.2011-11-02

weekly.2011-11-08

weekly.2011-11-09

weekly.2011-11-18

weekly.2011-12-01

weekly.2011-12-02

weekly.2011-12-06

weekly.2011-12-14

weekly.2011-12-22

weekly.2012-01-15

weekly.2012-01-20

weekly.2012-01-27

weekly.2012-02-07

weekly.2012-02-14

weekly.2012-02-22

weekly.2012-03-04

weekly.2012-03-13

weekly.2012-03-22

weekly.2012-03-27