pkg:Go/golang.org/x/crypto

共 41 筆 CVECRITICAL9HIGH18MEDIUM14

✅ 檢查你的版本

所有已知漏洞

  • CRITICAL10.0CVE-2026-46595Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh
    from 0, < 0.52.0
  • CRITICAL9.1CVE-2026-39830Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh
    from 0, < 0.52.0
  • CRITICAL9.1CVE-2026-39832Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent
    from 0, < 0.52.0
  • CRITICAL9.1CVE-2026-42508Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts
    from 0, < 0.52.0
  • CRITICAL9.1CVE-2026-39833Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent
    from 0, < 0.52.0
  • CRITICAL9.1CVE-2026-39831Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh
    from 0, < 0.52.0
  • CRITICAL9.1CVE-2026-39834Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh
    from 0, < 0.52.0
  • CRITICAL9.1CVE-2024-45337Misuse of connection.serverAuthenticate may cause authorization bypass in golang.org/x/crypto
    from 0, < 0.31.0
  • CRITICAL9.1CVE-2024-45337Misuse of connection.serverAuthenticate may cause authorization bypass in golang.org/x/crypto
    from 0, < 0.31.0
  • HIGH8.1CVE-2017-3204Man-in-the-middle attack in golang.org/x/crypto/ssh
    from 0, < 0.0.0-20170330155735-e4e2799dd7aa
  • HIGH8.1CVE-2017-3204Man-in-the-middle attack in golang.org/x/crypto/ssh
    from 0, < 0.0.0-20170330155735-e4e2799dd7aa
  • HIGH7.5CVE-2026-39829Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh
    from 0, < 0.52.0
  • HIGH7.5CVE-2026-46597Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh
    from 0, < 0.52.0
  • HIGH7.5CVE-2025-47913Potential denial of service in golang.org/x/crypto/ssh/agent
    from 0, < 0.43.0
  • HIGH7.5CVE-2025-22869Potential denial of service in golang.org/x/crypto
    from 0, < 0.35.0
  • HIGH7.5CVE-2025-22869Potential denial of service in golang.org/x/crypto
    from 0, < 0.35.0
  • HIGH7.5CVE-2022-30636Limited directory traversal vulnerability on Windows in golang.org/x/crypto
    from 0, < 0.0.0-20220525230936-793ad666bf5e
  • HIGH7.5CVE-2021-43565Panic on malformed packets in golang.org/x/crypto/ssh
    from 0, < 0.0.0-20211202192323-5770296d904e
  • HIGH7.5CVE-2021-43565Panic on malformed packets in golang.org/x/crypto/ssh
    from 0, < 0.0.0-20211202192323-5770296d904e
  • HIGH7.5CVE-2020-29652Panic on crafted authentication request message in golang.org/x/crypto/ssh
    from 0, < 0.0.0-20201216223049-8b5274cf687f
  • HIGH7.5CVE-2020-29652Panic on crafted authentication request message in golang.org/x/crypto/ssh
    from 0, < 0.0.0-20201216223049-8b5274cf687f
  • HIGH7.5CVE-2022-27191Denial of service via crafted Signer in golang.org/x/crypto/ssh
    from 0, < 0.0.0-20220314234659-1baeb1ce4c0b
  • HIGH7.5CVE-2022-27191Denial of service via crafted Signer in golang.org/x/crypto/ssh
    from 0, < 0.0.0-20220314234659-1baeb1ce4c0b
  • HIGH7.5CVE-2020-7919Panic in certificate parsing in crypto/x509 and golang.org/x/crypto/cryptobyte
    from 0, < 0.0.0-20200124225646-8b5121be2f68
  • HIGH7.5CVE-2020-7919Panic in certificate parsing in crypto/x509 and golang.org/x/crypto/cryptobyte
    from 0, < 0.0.0-20200124225646-8b5121be2f68
  • HIGH7.5CVE-2020-9283packer - security update
    from 0, < 0.0.0-20200220183623-bac4c82f6975
  • HIGH7.5CVE-2020-9283packer - security update
    from 0, < 0.0.0-20200220183623-bac4c82f6975
  • MEDIUM6.5CVE-2026-39827Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh
    from 0, < 0.52.0
  • MEDIUM6.3CVE-2026-39828Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh
    from 0, < 0.52.0
  • MEDIUM5.9CVE-2023-48795Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin
    from 0, < 0.17.0
  • MEDIUM5.9CVE-2023-48795Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin
    >= 0.1.0, < 0.17.0
  • MEDIUM5.9CVE-2019-11841golang-go.crypto - security update
    from 0, < 0.0.0-20190424203555-c05e17bb3b2d
  • MEDIUM5.9CVE-2019-11841golang-go.crypto - security update
    from 0, < 0.0.0-20190424203555-c05e17bb3b2d
  • MEDIUM5.9CVE-2019-11840golang-go.crypto - security update
    from 0, < 0.0.0-20190320223903-b7391e95e576
  • MEDIUM5.9CVE-2019-11840golang-go.crypto - security update
    from 0, < 0.0.0-20190320223903-b7391e95e576
  • MEDIUM5.3CVE-2026-46598Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent
    from 0, < 0.52.0
  • MEDIUM5.3CVE-2026-39835Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh
    from 0, < 0.52.0
  • MEDIUM5.3CVE-2025-47914Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent
    from 0, < 0.45.0
  • MEDIUM5.3CVE-2025-47914Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent
    from 0, < 0.45.0
  • MEDIUM5.3CVE-2025-58181Unbounded memory consumption in golang.org/x/crypto/ssh
    from 0, < 0.45.0
  • MEDIUM5.3CVE-2025-58181Unbounded memory consumption in golang.org/x/crypto/ssh
    from 0, < 0.45.0