7.5
CVE-2026-32280
- EPSS 0.62%
- Veröffentlicht 08.04.2026 01:06:58
- Zuletzt bearbeitet 10.07.2026 12:16:38
- Quelle security@golang.org
- CVE-Watchlists
- Unerledigt
Unexpected work during chain building in crypto/x509
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.62% | 0.449 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-770 Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
https://go.dev/cl/758320
https://go.dev/issue/78282
https://bugzilla.redhat.com/show_bug.cgi?id=2456339
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32280.json
https://access.redhat.com/errata/RHSA-2026:17084
https://access.redhat.com/errata/RHSA-2026:19375
https://access.redhat.com/errata/RHSA-2026:19634
https://access.redhat.com/errata/RHSA-2026:21017
https://access.redhat.com/errata/RHSA-2026:23361
https://access.redhat.com/errata/RHSA-2026:24977
https://access.redhat.com/errata/RHSA-2026:25089
https://access.redhat.com/errata/RHSA-2026:25127
https://access.redhat.com/errata/RHSA-2026:26636
https://access.redhat.com/errata/RHSA-2026:28047
https://access.redhat.com/errata/RHSA-2026:28441
https://access.redhat.com/errata/RHSA-2026:28886
https://access.redhat.com/errata/RHSA-2026:28961
https://access.redhat.com/errata/RHSA-2026:11688
https://access.redhat.com/errata/RHSA-2026:13545
https://access.redhat.com/errata/RHSA-2026:13791
https://access.redhat.com/errata/RHSA-2026:13829
https://access.redhat.com/errata/RHSA-2026:14020
https://access.redhat.com/errata/RHSA-2026:16874
https://access.redhat.com/errata/RHSA-2026:16875
https://access.redhat.com/errata/RHSA-2026:17287
https://access.redhat.com/errata/RHSA-2026:19133
https://access.redhat.com/errata/RHSA-2026:19135
https://access.redhat.com/errata/RHSA-2026:19350
https://access.redhat.com/errata/RHSA-2026:19353
https://access.redhat.com/errata/RHSA-2026:19719
https://access.redhat.com/errata/RHSA-2026:19720
https://access.redhat.com/errata/RHSA-2026:19721
https://access.redhat.com/errata/RHSA-2026:19750
https://access.redhat.com/errata/RHSA-2026:20889
https://access.redhat.com/errata/RHSA-2026:21655
https://access.redhat.com/errata/RHSA-2026:21769
https://access.redhat.com/errata/RHSA-2026:22347
https://access.redhat.com/errata/RHSA-2026:22862
https://access.redhat.com/errata/RHSA-2026:23345
https://access.redhat.com/errata/RHSA-2026:24853
https://access.redhat.com/errata/RHSA-2026:25180
https://access.redhat.com/errata/RHSA-2026:26568
https://access.redhat.com/errata/RHSA-2026:26585
https://access.redhat.com/errata/RHSA-2026:27076
https://access.redhat.com/errata/RHSA-2026:29035
https://access.redhat.com/errata/RHSA-2026:29195
https://access.redhat.com/errata/RHSA-2026:29455
https://access.redhat.com/errata/RHSA-2026:29702
https://access.redhat.com/errata/RHSA-2026:29703
https://access.redhat.com/errata/RHSA-2026:29854
https://access.redhat.com/errata/RHSA-2026:33722
https://access.redhat.com/errata/RHSA-2026:34365
https://access.redhat.com/errata/RHSA-2026:9385
https://access.redhat.com/errata/RHSA-2026:28038
https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
https://pkg.go.dev/vuln/GO-2026-4947
https://access.redhat.com/errata/RHSA-2026:10217
https://access.redhat.com/errata/RHSA-2026:10219
https://access.redhat.com/errata/RHSA-2026:10704
https://access.redhat.com/errata/RHSA-2026:11507
https://access.redhat.com/errata/RHSA-2026:11514
https://access.redhat.com/errata/RHSA-2026:13826
https://access.redhat.com/errata/RHSA-2026:14162
https://access.redhat.com/errata/RHSA-2026:14200
https://access.redhat.com/errata/RHSA-2026:14391
https://access.redhat.com/errata/RHSA-2026:15980
https://access.redhat.com/errata/RHSA-2026:16021
https://access.redhat.com/errata/RHSA-2026:16024
https://access.redhat.com/errata/RHSA-2026:16101
https://access.redhat.com/errata/RHSA-2026:16476
https://access.redhat.com/errata/RHSA-2026:16477
https://access.redhat.com/errata/RHSA-2026:16505
https://access.redhat.com/errata/RHSA-2026:16508
https://access.redhat.com/errata/RHSA-2026:16532
https://access.redhat.com/errata/RHSA-2026:16534
https://access.redhat.com/errata/RHSA-2026:16535
https://access.redhat.com/errata/RHSA-2026:16537
https://access.redhat.com/errata/RHSA-2026:16542
https://access.redhat.com/errata/RHSA-2026:18027
https://access.redhat.com/errata/RHSA-2026:18032
https://access.redhat.com/errata/RHSA-2026:19144
https://access.redhat.com/errata/RHSA-2026:19450
https://access.redhat.com/errata/RHSA-2026:19550
https://access.redhat.com/errata/RHSA-2026:19714
https://access.redhat.com/errata/RHSA-2026:19715
https://access.redhat.com/errata/RHSA-2026:19722
https://access.redhat.com/errata/RHSA-2026:19839
https://access.redhat.com/errata/RHSA-2026:20556
https://access.redhat.com/errata/RHSA-2026:20569
https://access.redhat.com/errata/RHSA-2026:20570
https://access.redhat.com/errata/RHSA-2026:20571
https://access.redhat.com/errata/RHSA-2026:20607
https://access.redhat.com/errata/RHSA-2026:20608
https://access.redhat.com/errata/RHSA-2026:20609
https://access.redhat.com/errata/RHSA-2026:21338
https://access.redhat.com/errata/RHSA-2026:21772
https://access.redhat.com/errata/RHSA-2026:22130
https://access.redhat.com/errata/RHSA-2026:22141
https://access.redhat.com/errata/RHSA-2026:22258
https://access.redhat.com/errata/RHSA-2026:22260
https://access.redhat.com/errata/RHSA-2026:22268
https://access.redhat.com/errata/RHSA-2026:22309
https://access.redhat.com/errata/RHSA-2026:22415
https://access.redhat.com/errata/RHSA-2026:22422
https://access.redhat.com/errata/RHSA-2026:22465
https://access.redhat.com/errata/RHSA-2026:22485
https://access.redhat.com/errata/RHSA-2026:22709
https://access.redhat.com/errata/RHSA-2026:22713
https://access.redhat.com/errata/RHSA-2026:22840
https://access.redhat.com/errata/RHSA-2026:22958
https://access.redhat.com/errata/RHSA-2026:22959
https://access.redhat.com/errata/RHSA-2026:22960
https://access.redhat.com/errata/RHSA-2026:22961
https://access.redhat.com/errata/RHSA-2026:22962
https://access.redhat.com/errata/RHSA-2026:23102
https://access.redhat.com/errata/RHSA-2026:23103
https://access.redhat.com/errata/RHSA-2026:23244
https://access.redhat.com/errata/RHSA-2026:24337
https://access.redhat.com/errata/RHSA-2026:24359
https://access.redhat.com/errata/RHSA-2026:24470
https://access.redhat.com/errata/RHSA-2026:24478
https://access.redhat.com/errata/RHSA-2026:24716
https://access.redhat.com/errata/RHSA-2026:24761
https://access.redhat.com/errata/RHSA-2026:24762
https://access.redhat.com/errata/RHSA-2026:26447
https://access.redhat.com/errata/RHSA-2026:26571
https://access.redhat.com/errata/RHSA-2026:28074
https://access.redhat.com/errata/RHSA-2026:28196
https://access.redhat.com/errata/RHSA-2026:28198
https://access.redhat.com/errata/RHSA-2026:34192
https://access.redhat.com/errata/RHSA-2026:34196
https://access.redhat.com/errata/RHSA-2026:34197
https://access.redhat.com/security/cve/CVE-2026-32280
https://access.redhat.com/errata/RHSA-2026:36319
https://access.redhat.com/errata/RHSA-2026:36651
https://access.redhat.com/errata/RHSA-2026:34097
https://access.redhat.com/errata/RHSA-2026:36796