MEDIUM 5.3
GHSA-9m57-25v3-79x9
golang.org/x/crypto/ssh/agent: Invoking pathological inputs can lead to client panic
Details
For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used.
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / golang.org/x/crypto/ssh/agent
Introduced in:
0 Fixed in: 0.52.0 Fix
go get golang.org/x/crypto/ssh/agent@v0.52.0