The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-07-15T13:47:36
Updated: 2022-08-04T15:10:07
Reserved: 2021-06-10T00:00:00
Link: CVE-2021-34558
JSON object: View
NVD Information
Status : Modified
Published: 2021-07-15T14:15:19.660
Modified: 2023-11-07T03:36:01.413
Link: CVE-2021-34558
JSON object: View
Redhat Information
No data.
CWE