Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston
Van Loon discovered that Go incorrectly handled certain inputs.
An attacker could possibly use this issue to cause Go applications
to hang or crash, resulting in a denial of service.

References

ubuntu.com/security/CVE-2020-16845

ubuntu.com/security/notices/USN-5725-1

ibm 18

veracode 1

prion 2

cbl_mariner 1

openvas 18

cvelist 2

freebsd 1

nessus 45

debiancve 2

github 2

ubuntucve 2

photon 5

oraclelinux 7

redhat 25

osv 11

suse 4

nvd 2

fedora 4

redhatcve 1

ubuntu 2

altlinux 2

cve 2

alpinelinux 1

amazon 2

debian 3

mageia 1

oracle 1

ibm

Security Bulletin: A security vulnerability in GO affects IBM Cloud Pak for Multicloud Management Managed Service.

2020-12-14 18:05:09

Security Bulletin: Security Vulnerabilities affect IBM Cloud Pak for Data - Golang (CVE-2020-16845)

2020-10-28 16:21:54

Security Bulletin: IBM Event Streams is affected by a vulnerability in the Go runtime (CVE-2020-16845)

2020-09-26 19:06:06

veracode

Denial Of Service (DoS)

2020-08-13 04:32:40

prion

Design/Logic Flaw

2020-08-06 18:15:00

Format string

2021-04-28 19:15:00

cbl_mariner

CVE-2020-16845 affecting package golang 1.13.11-

2021-07-08 21:56:48

openvas

Ubuntu: Security Advisory (USN-5725-2)

2023-05-24 00:00:00

Fedora: Security Advisory for golang-github-ulikunitz-xz (FEDORA-2020-deff052e7a)

2020-09-02 00:00:00

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2020-1852)

2020-08-31 00:00:00

cvelist

CVE-2020-16845

2020-08-06 17:03:33

CVE-2021-29482 denial of service in github.com/ulikunitz/xz

2021-04-28 18:15:15

freebsd

go -- encoding/binary: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs

2020-08-06 00:00:00

nessus

openSUSE Security Update : go1.13 (openSUSE-2020-1178)

2020-08-11 00:00:00

Fedora 31 : golang (2020-b190375a37)

2020-09-10 00:00:00

Oracle Linux 7 : coredns / cri-o / cri-tools / etcd / flannel / kata / kata-agent / kata-image / kata-ksm-throttler / kata-proxy / kata-runtime / kata-shim / kubernetes / kubernetes-cni / kubernetes-cni-plugins / kubernetes-dashboard / olcne / yq (ELSA-2020-5828)

2020-08-31 00:00:00

debiancve

CVE-2020-16845

2020-08-06 18:15:13

CVE-2021-29482

2021-04-28 19:15:08

github

Infinite loop in xz

2021-12-16 19:16:40

github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS)

2021-05-25 18:39:37

ubuntucve

CVE-2020-16845

2020-08-06 00:00:00

CVE-2021-29482

2021-04-28 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0276

2020-08-25 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0316

2020-08-25 00:00:00

Important Photon OS Security Update - PHSA-2020-0316

2020-08-25 00:00:00

oraclelinux

kubernetes kubeadm-ha-setup kubernetes-cni kubernetes-cni-plugins security update

2020-08-24 00:00:00

olcne conmon coredns cri-o cri-tools etcd flannel grafana helm istio kata kata-agent kata-image kata-ksm-throttler kata-proxy kata-runtime kata-shim kubernetes kubernetes-cni kubernetes-cni-plugins kubernetes-dashboard prometheus yq security update

2020-08-31 00:00:00

coredns cri-o cri-tools etcd flannel kata kata-agent kata-image kata-ksm-throttler kata-proxy kata-runtime kata-shim kubernetes kubernetes-cni kubernetes-cni-plugins kubernetes-dashboard olcne yq security update

2020-08-31 00:00:00

redhat

(RHSA-2020:5159) Low: OpenShift Container Platform 4.6.6 security update

2020-11-30 14:59:22

(RHSA-2020:5119) Moderate: OpenShift Container Platform 4.5.20 packages and golang security update

2020-11-24 11:38:30

(RHSA-2021:1016) Low: OpenShift Container Platform 4.5.37 security update

2021-04-13 22:52:32

osv

GO-2021-0225

2022-01-13 03:44:52

Infinite loop in xz

2021-12-16 19:16:40

Unbounded read from invalid inputs in encoding/binary

2022-07-01 20:11:09

suse

Security update for go1.13 (moderate)

2020-08-11 00:00:00

Security update for go1.13 (moderate)

2020-08-12 00:00:00

Security update for go1.14 (important)

2020-09-11 00:00:00

nvd

CVE-2020-16845

2020-08-06 18:15:13

CVE-2021-29482

2021-04-28 19:15:08

fedora

[SECURITY] Fedora 31 Update: golang-github-ulikunitz-xz-0.5.8-1.fc31

2020-08-28 14:58:12

[SECURITY] Fedora 32 Update: golang-github-ulikunitz-xz-0.5.8-1.fc32

2020-08-28 14:55:45

[SECURITY] Fedora 31 Update: golang-1.13.15-1.fc31

2020-09-09 14:20:25

redhatcve

CVE-2020-16845

2022-05-14 11:32:38

ubuntu

Go vulnerability

2022-11-15 00:00:00

Go vulnerability

2023-05-23 00:00:00

altlinux

Security fix for the ALT Linux 9 package golang version 1.14.7-alt1

2020-08-19 00:00:00

Security fix for the ALT Linux 10 package golang version 1.14.7-alt1

2020-08-10 00:00:00

cve

CVE-2020-16845

2020-08-06 18:15:13

CVE-2021-29482

2021-04-28 19:15:08

alpinelinux

CVE-2020-16845

2020-08-06 18:15:13

amazon

Medium: golang

2020-09-28 20:57:00

Medium: golang

2020-10-26 18:04:00

debian

[SECURITY] [DLA 2459-1] golang-1.7 security update

2020-11-21 16:15:56

[SECURITY] [DLA 2460-1] golang-1.8 security update

2020-11-21 16:41:04

[SECURITY] [DSA 4848-1] golang-1.11 security update

2021-02-08 21:24:09

mageia

Updated golang packages fix security vulnerability

2020-08-18 20:41:27

oracle

Oracle Critical Patch Update Advisory - April 2021

2021-04-20 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.037 Low

EPSS

Percentile

91.9%

JSON

Related for OSV:USN-5725-1