Download
| Alert*
CVE-2019-17596 -- golang-1.11, golang-1.7, golang-1.8
Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
|