Executive Summary

Informations
NameCVE-2019-6486First vendor Publication2019-01-24
VendorCveLast vendor Modification2019-06-03

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:P)
Cvss Base Score6.4Attack RangeNetwork
Cvss Impact Score4.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6486

CWE : Common Weakness Enumeration

%idName
100 %CWE-400Uncontrolled Resource Consumption ('Resource Exhaustion')

CPE : Common Platform Enumeration

TypeDescriptionCount
Application108
Os2
Os1

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/106740
CONFIRM https://github.com/golang/go/commit/42b42f71cf8f5956c09e66230293dfb5db652360
https://github.com/golang/go/issues/29903
https://groups.google.com/forum/#!topic/golang-announce/mVeX35iXuSw
DEBIAN https://www.debian.org/security/2019/dsa-4379
https://www.debian.org/security/2019/dsa-4380
MISC https://github.com/google/wycheproof
MLIST https://lists.debian.org/debian-lts-announce/2019/02/msg00009.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00060.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00015.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
DateInformations
2019-06-04 00:19:08
  • Multiple Updates
2019-06-03 21:19:23
  • Multiple Updates
2019-05-27 17:19:23
  • Multiple Updates
2019-04-19 21:19:32
  • Multiple Updates
2019-04-19 05:18:10
  • Multiple Updates
2019-04-06 05:19:10
  • Multiple Updates
2019-03-21 21:19:23
  • Multiple Updates
2019-02-26 21:19:42
  • Multiple Updates
2019-02-07 17:19:16
  • Multiple Updates
2019-02-02 17:18:56
  • Multiple Updates
2019-01-29 17:19:12
  • Multiple Updates
2019-01-25 21:19:13
  • Multiple Updates
2019-01-24 09:19:04
  • First insertion