
Ncw

#49504 of 53,624
5 Total CVSS
Vulnerabilities · 1
PT-2016-3937
5.0
2016-01-27
Google · Go · CVE-2015-8618
**Name of the Vulnerable Software and Affected Versions**

Go versions 1.5.0 through 1.5.2

**Description**

The issue in the `math/big` library makes it easier for attackers to obtain private RSA keys via unspecified vectors. This can affect RSA computations in `crypto/rsa`, used by `crypto/tls`, potentially causing TLS servers on 32-bit systems to leak their RSA private key. The bug can occur at random, around one in 2^26 times on 32-bit systems, allowing an attacker to extract the private key by collecting around 64 million signatures from an affected server. On 64-bit systems, the frequency of the bug is significantly lower, making exploitation very difficult.

**Recommendations**

For Go versions 1.5.0 through 1.5.2, update to version 1.5.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of RSA computations in `crypto/rsa` to minimize the risk of exploitation. Avoid using the `crypto/rsa` package in TLS servers on 32-bit systems until the issue is resolved.