golang.org/x/crypto vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2025-47914Mediumgolang.org/x/crypto: golang.org/x/crypto/ssh/agent vulnerable to panic if message is malformed due to out of bounds readCVE-2025-58181Mediumgolang.org/x/crypto: golang.org/x/crypto/ssh allows an attacker to cause unbounded memory consumptionCVE-2025-22869Highgolang.org/x/crypto: golang.org/x/crypto Vulnerable to Denial of Service (DoS) via Slow or Incomplete Key ExchangeCVE-2024-45337Criticalgolang.org/x/crypto: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/cryptoCVE-2023-48795Mediumrussh: Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka TerrapinCVE-2017-3204Highgolang.org/x/crypto: golang.org/x/crypto/ssh Man-in-the-Middle attackCVE-2021-43565Highgolang.org/x/crypto: x/crypto/ssh vulnerable to panic via malformed packetsCVE-2020-29652Highgolang.org/x/crypto: golang.org/x/crypto/ssh NULL Pointer Dereference vulnerabilityCVE-2019-11841Mediumgolang.org/x/crypto: Golang/x/crypto message forgery vulnerabilityCVE-2019-11840Mediumgolang.org/x/crypto: golang.org/x/crypto/salsa20/salsa uses insufficiently random valuesCVE-2022-27191Highgolang.org/x/crypto: golang.org/x/crypto/ssh Denial of service via crafted SignerCVE-2020-7919Highgithub.com/helm/helm: Helm uses crypto package vulnerable to panic from malformed X.509 certificateCVE-2020-9283Highgolang.org/x/crypto: Improper Verification of Cryptographic Signature in golang.org/x/crypto

Stop the waste.
Protect your environment with Kodem.