Launch Week Day 1: Announcing Security Design Review
Start for Free
HIGH 7.5 Go

golang.org/x/crypto/ssh Denial of service via crafted Signer

GHSA-8c26-wmh5-6g9v · CVE-2022-27191 · GO-2021-0356

Published · Modified

Description

The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes