{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32283", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "state": "PUBLISHED", "assignerShortName": "Go", "dateReserved": "2026-03-11T16:38:46.556Z", "datePublished": "2026-04-08T01:06:57.670Z", "dateUpdated": "2026-04-13T18:19:55.848Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2026-04-08T01:06:57.670Z"}, "title": "Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls", "descriptions": [{"lang": "en", "value": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3."}], "affected": [{"vendor": "Go standard library", "product": "crypto/tls", "collectionURL": "https://pkg.go.dev", "packageName": "crypto/tls", "versions": [{"version": "0", "lessThan": "1.25.9", "status": "affected", "versionType": "semver"}, {"version": "1.26.0-0", "lessThan": "1.26.2", "status": "affected", "versionType": "semver"}], "programRoutines": [{"name": "Conn.handleKeyUpdate"}, {"name": "clientHandshakeStateTLS13.establishHandshakeKeys"}, {"name": "clientHandshakeStateTLS13.readServerFinished"}, {"name": "serverHandshakeStateTLS13.sendServerParameters"}, {"name": "serverHandshakeStateTLS13.readClientFinished"}, {"name": "Conn.Handshake"}, {"name": "Conn.HandshakeContext"}, {"name": "Conn.Read"}, {"name": "Conn.Write"}, {"name": "Dial"}, {"name": "DialWithDialer"}, {"name": "Dialer.Dial"}, {"name": "Dialer.DialContext"}, {"name": "QUICConn.HandleData"}, {"name": "QUICConn.Start"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-667: Improper Locking"}]}], "references": [{"url": "https://go.dev/cl/763767"}, {"url": "https://go.dev/issue/78334"}, {"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"}, {"url": "https://pkg.go.dev/vuln/GO-2026-4870"}], "credits": [{"lang": "en", "value": "Jakub Ciolek - https://ciolek.dev/"}]}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-13T17:51:46.207289Z", "id": "CVE-2026-32283", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T18:19:55.848Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-32283", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-13T17:51:46.207289Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T17:51:42.115Z"}}], "cna": {"title": "Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls", "credits": [{"lang": "en", "value": "Jakub Ciolek - https://ciolek.dev/"}], "affected": [{"vendor": "Go standard library", "product": "crypto/tls", "versions": [{"status": "affected", "version": "0", "lessThan": "1.25.9", "versionType": "semver"}, {"status": "affected", "version": "1.26.0-0", "lessThan": "1.26.2", "versionType": "semver"}], "packageName": "crypto/tls", "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "programRoutines": [{"name": "Conn.handleKeyUpdate"}, {"name": "clientHandshakeStateTLS13.establishHandshakeKeys"}, {"name": "clientHandshakeStateTLS13.readServerFinished"}, {"name": "serverHandshakeStateTLS13.sendServerParameters"}, {"name": "serverHandshakeStateTLS13.readClientFinished"}, {"name": "Conn.Handshake"}, {"name": "Conn.HandshakeContext"}, {"name": "Conn.Read"}, {"name": "Conn.Write"}, {"name": "Dial"}, {"name": "DialWithDialer"}, {"name": "Dialer.Dial"}, {"name": "Dialer.DialContext"}, {"name": "QUICConn.HandleData"}, {"name": "QUICConn.Start"}]}], "references": [{"url": "https://go.dev/cl/763767"}, {"url": "https://go.dev/issue/78334"}, {"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"}, {"url": "https://pkg.go.dev/vuln/GO-2026-4870"}], "descriptions": [{"lang": "en", "value": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-667: Improper Locking"}]}], "providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2026-04-08T01:06:57.670Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32283", "state": "PUBLISHED", "dateUpdated": "2026-04-13T18:19:55.848Z", "dateReserved": "2026-03-11T16:38:46.556Z", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "datePublished": "2026-04-08T01:06:57.670Z", "assignerShortName": "Go"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "C6C9C072-9817-402D-877F-F83584B07017", "versionEndExcluding": "1.25.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "39FE9BAF-55E9-43AA-B14E-239E7EF1D65D", "versionEndExcluding": "1.26.2", "versionStartIncluding": "1.26.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3."}], "id": "CVE-2026-32283", "lastModified": "2026-04-16T19:12:10.540", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-08T02:16:03.580", "references": [{"source": "security@golang.org", "tags": ["Patch"], "url": "https://go.dev/cl/763767"}, {"source": "security@golang.org", "tags": ["Issue Tracking"], "url": "https://go.dev/issue/78334"}, {"source": "security@golang.org", "tags": ["Release Notes", "Mailing List"], "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"}, {"source": "security@golang.org", "tags": ["Vendor Advisory"], "url": "https://pkg.go.dev/vuln/GO-2026-4870"}], "sourceIdentifier": "security@golang.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.25.9)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[1.26.0-0,1.26.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "crypto/tls", "source": "cna", "vendor": "Go standard library"}, "product": "crypto_tls", "vendor": "go_standard_library"}], "analysis": {"en": {"generated_at": "2026-04-13T21:04:15.311093+00:00", "value": {"mitigation_remediation": ["Upgrade the Go runtime to the latest stable release that contains the fix for the TLS 1.3 key update handling bug", "If an immediate upgrade is not possible, configure your Go applications to disable TLS\u00a01.3 or enforce strict key update limits until the patch is available", "Verify that your TLS configuration only accepts a single key update per record and monitor server logs for repeated key update messages to detect potential attempts to trigger the deadlock"], "summary": {"action": "Patch promptly", "impact": "Denial of Service via TLS 1.3 KeyUpdate deadlock"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Go standard library package crypto/tls and therefore any Go application that enables TLS 1.3 handling through this library. The issue is present in all versions of Go that use the affected TLS implementation, regardless of vendor or product beyond the Go runtime. No specific product naming beyond Go\u2019s standard library is required for the impact assessment.", "description_and_impact": "The Go TLS 1.3 implementation incorrectly processes a batch of key update messages sent in a single record after the handshake. When such duplicate key updates are received, the connection can deadlock, leading to uncontrolled consumption of system resources and a denial of service. This vulnerability can be triggered by an attacker sending a crafted TLS session that includes multiple key update records.", "risk_and_exploitability": "With a CVSS score of 7.5 the vulnerability is classified as high severity, while the EPSS score of less than 1% indicates a low likelihood of being actively exploited at the present time. The attacker only needs to supply a malformed TLS session and does not require any special privileges or prior access. The vulnerability is remote and does not require authentication to impact the system. Although it is not listed in the CISA Known Exploited Vulnerabilities catalog, it poses a significant risk if an undetected attacker can trigger the deadlock on a high\u2011traffic service. The recommended mitigations focus on applying the vendor patch or disabling TLS 1.3 until a fix is available."}}}}, "created": "2026-04-08T19:33:37.747663+00:00", "updated": "2026-04-14T16:40:15.465308+00:00", "vendors": ["go_standard_library", "go_standard_library$PRODUCT$crypto_tls"], "weaknesses": ["CWE-770"]}