MGASA-2020-0173

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2020-7919

Published: 15 Apr 2020, 10:12

Last modified:16 Apr 2026, 04:25

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

15 Apr 2020, 10:12

Published

Vulnerability first disclosed

16 Apr 2026, 04:25

Last Modified

Vulnerability information updated

Description

Updated golang packages fix security vulnerability Updated golang packages fix security vulnerability: An integer overflow vulnerability was found in the Go crypto/x509 and golang.org/x/crypto/cryptobyte libraries on 32-bit architectures. A remote attacker could exploit this by supplying a crafted x.509 certificate, or other ASN.1 structure, as either a client or server to crash vulnerable Go applications (CVE-2020-7919).

Affected Systems

mageia•golang
< 1.12.17-1.mga7

References (3)

https://advisories.mageia.org/MGASA-2020-0173.html
https://bugs.mageia.org/show_bug.cgi?id=26465
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/S43VLYRURELDWX4D5RFOYBNFGO6CGBBC/