VYPR

Go modules package

github.com/microsoft/go-crypto-openssl

pkg:golang/github.com/microsoft/go-crypto-openssl

Vulnerabilities (1)

  • CVE-2024-1394HigMar 21, 2024
    affected <= 0.2.8

    A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and