Endpoint Vulnerability

CVE-2020-7919golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service

Description

An integer overflow vulnerability was found in the Go crypto/x509 and golang.org/x/crypto/cryptobyte libraries on 32-bit architectures. A remote attacker could exploit this by supplying a crafted x.509 certificate, or other ASN.1 structure, as either a client or server to crash vulnerable Go applications.

Affected Products

golang

References

CVE-2020-7919,