VYPR

crypto/x509

by GO

CVEs (1)

  • CVE-2018-16875Dec 14, 2018
    risk 0.00cvss epss 0.06

    The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates…