blob: 2e49f3bc727d63353ada4b67050c7512b57fe2dc [file] [log] [blame]
module: std
package: crypto/x509
versions:
- fixed: go1.13.13
- fixed: go1.14.5
- fixed: go1.15.0
description: |
On Windows, if VerifyOptions.Roots is nil, Certificate.Verify
does not check the EKU requirements specified in VerifyOptions.KeyUsages.
This may allow a certificate to be used for an unintended purpose.
published: 2022-02-17T17:46:03Z
cves:
- CVE-2020-14039
credit: Niall Newman
symbols:
- Certificate.systemVerify
os:
- windows
links:
pr: https://go.dev/cl/242597
commit: https://go.googlesource.com/go/+/82175e699a2e2cd83d3aa34949e9b922d66d52f5
context:
- https://go.dev/issue/39360
- https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w