Panic Vulnerability in Go Versions 1.12.11 and 1.3.x

Panic Vulnerability in Go Versions 1.12.11 and 1.3.x

CVE-2019-17596 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.

Learn more about our Cis Benchmark Audit For Apple Ios.