Golang crypto/rand Denial-of-Service Vulnerability

description-logoDescription

Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes.

affected-products-logoAffected Applications

Go Programming Language

CVE References

CVE-2022-30634