GO-2021-0140

See a problem?
Please try reporting it to the source first.
Source
https://pkg.go.dev/vuln/GO-2021-0140
Import Source
https://vuln.go.dev/ID/GO-2021-0140.json
JSON Data
https://api.osv.dev/v1/vulns/GO-2021-0140
Withdrawn
2024-05-15T05:37:10.981937Z
Published
2022-01-04T18:11:08Z
Modified
2022-05-23T18:04:20Z
Summary
[none]
Details

X509 Certificate verification does not validate KeyUsages EKU requirements on Windows if VerifyOptions.Roots is nil.

References

Affected packages

Go / crypto/x509

Package

Name
crypto/x509
View open source insights on deps.dev
Purl
pkg:golang/crypto/x509

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.13.13
Introduced
1.14.0
Fixed
1.14.5

Ecosystem specific 

{
    "goos": [
        "windows"
    ],
    "symbols": [
        "Certificate.Verify"
    ]
}

Database specific

url 
"https://pkg.go.dev/vuln/GO-2021-0140"
source 
"https://vuln.go.dev/ID/GO-2021-0140.json"