Wind River Support Network

HomeDefectsLIN1021-23006
Acknowledged

LIN1021-23006 : Security Advisory - go - CVE-2020-14039

Created: Apr 28, 2026    Updated: May 18, 2026
Resolved Date: May 14, 2026
Found In Version: 10.21.20.27
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.

CVEs

  • Linkedin
  • Facebook
  • Twitter
  • Youtube