—

GO-2026-5052

Vulnerability in software.sslmate.com/src/go-pkcs12

상세

Users who decode PKCS#12 files from untrusted sources and rely on the password for authentication can be tricked into accepting malicious PKCS#12 files.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

Go / software.sslmate.com/src/go-pkcs12

최초 영향 버전: 0.6.0 수정 버전: 0.7.2

수정 go get software.sslmate.com/src/go-pkcs12@v0.7.2

참고

https://github.com/SSLMate/go-pkcs12/security/advisories/GHSA-mpwr-8vm7-h73f [ADVISORY]
https://github.com/SSLMate/go-pkcs12/commit/03c441f6b0267f695ca02464133c0b373bf4dd55 [FIX]