CVE-2020-28362

Опубликовано: 18 нояб. 2020

Источник: debian

EPSS Низкий

Описание

Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.

Пакет	Статус	Версия исправления	Тип
golang-1.15	fixed	1.15.5-1	package
golang-1.11	not-affected		package
golang-1.8	not-affected		package
golang-1.7	not-affected		package

https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM/m/fLguyiM2CAAJ
https://github.com/golang/go/issues/42552
Introduced in: https://github.com/golang/go/commit/194ae3236d81cf16dc39b955efc1b9202b59d067 (go1.14beta1)
Fixed by: https://github.com/golang/go/commit/1e1fa5903b760c6714ba17e50bf850b01f49135c

EPSS

Процентиль: 44%

0.00213

Низкий

CVE-2020-28362

CVSS3: 7.5

ubuntu

около 5 лет назад

Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.

CVE-2020-28362

CVSS3: 7.5

redhat

около 5 лет назад

Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.

CVE-2020-28362

CVSS3: 7.5

nvd

около 5 лет назад

Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.

CVE-2020-28362

CVSS3: 7.5

msrc

около 5 лет назад

Описание отсутствует

GHSA-gff4-9rfx-4pcw

github

больше 3 лет назад

Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.

EPSS

Процентиль: 44%

0.00213

Низкий