CVE-2021-34558

ADVISORY - nist

Summary

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.

EPSS Score⁠: 0.00839 (0.737)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-295⁠

Improper Certificate Validation

ADVISORY - redhat

CWE-20⁠

Improper Input Validation

Impacted images

Advisories

NIST

CREATED

4 years ago

UPDATED

7 months ago

ADVISORY IDCVE-2021-34558⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-295⁠

CVSS SCORE

6.5medium

Alpine

CREATED

4 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2021-34558⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

4 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2021-34558⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

4 years ago

UPDATED

26 days ago

ADVISORY IDCVE-2021-34558⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.5medium

GoLang

CREATED

3 years ago

UPDATED

1 year ago

ADVISORY IDGO-2021-0243⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Alma

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDALSA-2021:4226⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDALSA-2022:7954⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDALAS-2021-1527⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDALAS2-2021-1694⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY ID

BIT-2021-34558

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

1 year ago

UPDATED

3 months ago

ADVISORY ID

BIT-golang-2021-34558

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.5medium

Red Hat

CREATED

4 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2021-34558⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-20⁠

CVSS SCORE

6.5medium

Rocky

CREATED

4 years ago

UPDATED

4 months ago

ADVISORY IDRLSA-2021:3076⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Rocky

CREATED

4 years ago

UPDATED

4 months ago

ADVISORY IDRLSA-2021:4226⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Oracle

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDELSA-2021-3076⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDELSA-2021-4226⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDELSA-2022-7954⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDELSA-2024-2988⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

intheWild

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2021-34558⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY