Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 999 | all | golang-1.18 | < 1.18.10-1 | golang-1.18_1.18.10-1_all.deb |