VYPR
High severityNVD Advisory· Published Mar 16, 2020· Updated Aug 4, 2024

CVE-2020-7919

CVE-2020-7919

Description

Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/helm/helmGo
>= 2.0.0, < 2.16.82.16.8
helm.sh/helm/v3Go
>= 3.0.0, < 3.1.03.1.0
golang.org/x/cryptoGo
< 0.0.0-20200124225646-8b5121be2f680.0.0-20200124225646-8b5121be2f68

Affected products

12

Patches

Vulnerability mechanics

References

21

News mentions

0

No linked articles in our index yet.