Launch Week Day 1: Announcing Security Design Review
Start for Free
UNKNOWN Go

ParsePKCS1PrivateKey panic with partial keys in crypto/x509

GO-2025-3421 · BIT-golang-2025-22865 · CVE-2025-22865

Published · Modified

Description

Using ParsePKCS1PrivateKey to parse a RSA key that is missing the CRT values would panic when verifying that the key is well formed.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes