Lucene search
Veracode Vulnerability DatabaseVERACODE:22403HistoryJan 30, 2020 - 4:08 a.m.
Certificate Spoofing
2020-01-3004:08:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
EPSS
0.97
Percentile
99.8%
github.com/golang/go is vulnerable to certificate spoofing. A Windows vulnerability allows attackers to spoof valid certificate chains when the system root store is in use.
References
packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html
packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html
github.com/golang/go/issues/36834
github.com/golang/go/issues/36835
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
Related
attackerkb
attackerkb
CVE-2020-0601, aka NSACrypt
2020-01-14 00:00:00
githubexploit
githubexploit
Exploit for Improper Certificate Validation in Microsoft
2020-03-03 08:49:47
Exploit for Improper Certificate Validation in Microsoft
2020-02-03 13:58:07
Exploit for Improper Certificate Validation in Microsoft
2021-01-17 11:53:28
alpinelinux
alpinelinux
CVE-2020-0601
2020-01-14 23:15:30
cvelist
cvelist
CVE-2020-0601
2020-01-14 23:11:20
cve
cve
CVE-2020-0601
2020-01-14 23:15:30
checkpoint_security
checkpoint_security
Check Point Response to CVE-2020-0601 (CryptoAPI Spoofing Vulnerability)
2020-01-16 01:01:59
exploitdb
exploitdb
msrc
msrc
January 2020 Security Updates: CVE-2020-0601
2020-01-14 18:01:05
January 2020 Security Updates: CVE-2020-0601
2020-01-14 08:00:00
January 2020 Security Updates: CVE-2020-0601
2020-01-14 08:00:00
nvd
nvd
CVE-2020-0601
2020-01-14 23:15:30
krebs
krebs
Cryptic Rumblings Ahead of First 2020 Patch Tuesday
2020-01-13 22:17:47
Patch Tuesday, January 2020 Edition
2020-01-15 02:31:50
qualysblog
qualysblog
mscve
mscve
Windows CryptoAPI Spoofing Vulnerability
2020-01-14 08:00:00
Chromium Security Updates for Microsoft Edge (Chromium-Based)
2020-01-28 08:00:00
osv
osv
CVE-2020-0601
2020-01-14 23:15:30
Certificate validation bypass on Windows in crypto/x509
2022-08-01 22:21:17
BIT-golang-2020-0601
2024-03-06 11:08:38
trellix
trellix
CurveBall β An Unimaginative Pun but a Devastating Bug
2020-06-17 00:00:00
CurveBall β An Unimaginative Pun but a Devastating Bug
2020-06-17 00:00:00
symantec
symantec
Microsoft Windows CryptoAPI CVE-2020-0601 Spoofing Vulnerability
2020-01-14 00:00:00
zdt
zdt
filippoio
filippoio
Replace PGP With an HTTPS Form
2020-07-18 22:00:00
cert
cert
trendmicroblog
trendmicroblog
cisa_kev
cisa_kev
Microsoft Windows CryptoAPI Spoofing Vulnerability
2021-11-03 00:00:00
prion
prion
Spoofing
2020-01-14 23:15:00
schneier
schneier
Critical Windows Vulnerability Discovered by NSA
2020-01-15 12:38:37
cloudfoundry
cloudfoundry
CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability | Cloud Foundry
2020-01-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows CryptoAPI Spoofing (CVE-2020-0601)
2020-01-16 00:00:00
carbonblack
carbonblack
talosblog
talosblog
Threat Source newsletter (Jan. 16, 2019)
2020-01-23 07:27:43
threatpost
threatpost
PoC Exploits Published For Microsoft Crypto Bug
2020-01-16 16:05:57
Microsoft Patches βMajorβ Crypto Spoofing Bug
2020-01-14 20:32:30
Oracle Ties Previous All-Time Patch High with January Updates
2020-01-14 23:43:10
openvas
openvas
Google Chrome Security Update (stable-channel-update-for-desktop_16-2020-01) - Mac OS X
2020-01-17 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2766)
2022-11-14 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2731)
2022-11-14 00:00:00
kaspersky
kaspersky
KLA11647 Multiple vulnerabilities in Google Chrome
2020-01-16 00:00:00
KLA11720 Multiple vulnerabilities in Opera
2020-01-22 00:00:00
KLA11639 Multiple vulnerabilities in Microsoft Windows
2020-01-14 00:00:00
ics
ics
Critical Vulnerabilities in Microsoft Windows Operating Systems
2020-01-14 12:00:00
Potential for China Cyber Response to Heightened U.S.βChina Tensions
2020-10-20 12:00:00
thn
thn
Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA
2020-01-14 18:40:00
nessus
nessus
Microsoft Edge (Chromium) < 79.0.309.68 Multiple Vulnerabilities
2020-07-07 00:00:00
EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-2731)
2022-11-14 00:00:00
EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-2766)
2022-11-14 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2020-01-16 00:00:00
avleonov
avleonov
Big Microsoft day: EOL for Win7, Win2008 and crypt32.dll
2020-01-14 18:02:20
rapid7blog
rapid7blog
securelist
securelist
IT threat evolution Q1 2020. Statistics
2020-05-20 10:00:43
mskb
mskb
January 14, 2020βKB4534306 (OS Build 10240.18453)
2020-01-14 08:00:00
January 14, 2020βKB4528760 (OS Builds 18362.592 and 18363.592) - EXPIRED
2020-01-14 08:00:00
January 14, 2020βKB4534273 (OS Build 17763.973)
2020-01-14 08:00:00