Golang Crypto
16 CVEs affecting Golang Crypto. Latest disclosed: 2026-05-22. Critical: 7, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-46595 | Critical | 10.0 | 2026-05-22 | Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key… |
CVE-2026-42508 | Critical | 9.1 | 2026-05-22 | Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @re… |
CVE-2026-39834 | Critical | 9.1 | 2026-05-22 | When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop… |
CVE-2026-39833 | Critical | 9.1 | 2026-05-22 | The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without an… |
CVE-2026-39832 | Critical | 9.1 | 2026-05-22 | When adding a key to a remote agent constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrict… |
CVE-2026-39831 | Critical | 9.1 | 2026-05-22 | The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com) did not check the User Presence flag. Sign… |
CVE-2026-39830 | Critical | 9.1 | 2026-05-22 | A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine cou… |
CVE-2017-3204 | High | 8.1 | 2017-04-04 | The Go SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to r… |
CVE-2026-46597 | High | 7.5 | 2026-05-22 | An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs. |
CVE-2026-39829 | High | 7.5 | 2026-05-22 | The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could… |
CVE-2026-39827 | Medium | 6.5 | 2026-05-22 | An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server pr… |
CVE-2026-39828 | Medium | 6.3 | 2026-05-22 | When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially droppi… |
CVE-2023-48795 | Medium | 5.9 | 2023-12-18 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks… |
CVE-2019-11840 | Medium | 5.9 | 2019-05-09 | An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the a… |
CVE-2026-46598 | Medium | 5.3 | 2026-05-22 | For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used. |
CVE-2026-39835 | Medium | 5.3 | 2026-05-22 | SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a… |