Vulnerabilities > Golang > Crypto > 2017.03.17
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-09 | CVE-2019-11840 | Use of Insufficiently Random Values vulnerability in multiple products An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. | 5.9 |
2017-04-04 | CVE-2017-3204 | Security Bypass vulnerability in Golang Go SSH Library The Go SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. network golang | 6.8 |