Sign In

CVE-2019-17596

ADVISORY - nist

Summary

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.

EPSS Score: 0.0234 (0.843)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-436

Interpretation Conflict

ADVISORY - redhat

CWE-295

Improper Certificate Validation

Impacted images

Advisories

GoLang

CREATED

UPDATED

ADVISORY IDGO-2022-0213
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY
PackageTypeOS NameOS VersionAffected RangesFix Versions
stdlibgolang-->=1.13.0-0,<1.13.21.13.2
stdlibgolang--<1.12.111.12.11

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

UPDATED

ADVISORY IDCVE-2019-17596
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CWE-436

CVSS SCORE

7.5high

Alpine

CREATED

UPDATED

ADVISORY IDCVE-2019-17596
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

UPDATED

ADVISORY IDCVE-2019-17596
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2019-17596
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

Amazon

CREATED

UPDATED

ADVISORY IDALAS-2024-1938
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

UPDATED

ADVISORY IDALAS2-2024-2545
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2019-17596
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-295

CVSS SCORE

7.5medium

Oracle

CREATED

UPDATED

ADVISORY IDELSA-2020-0329
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

intheWild

CREATED

UPDATED

ADVISORY IDCVE-2019-17596
EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY