Denial Of Service (DoS)

2020-07-1706:00:32

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.011 Low

EPSS

Percentile

84.4%

JSON

crypto/x509 is vulnerable to denial of service (DoS). The attack is possible due to concurrent reading of the request body and writing of a response by the Handler, leading to data race and application crash.

CPENameOperatorVersion
github.com/golang/goeqgo1.14beta1-go1.15beta1
github.com/golang/gole1.13.0
go:3.11eq1.13.10-r0
go:3.11eq1.13.4-r1
go:3.12eq1.13.11-r0
golang-1.14:develeq1.14.4-1ubuntu2
go-toolset-1.13-golangeq1.13.4__4.el7.1
go-toolset-1.13eq1.13.4__3.el7
golang-1.14:groovyeq1.14.4-1ubuntu2
runceq1.0.0__62.rc8.rhaos4.1.git3cbe540.el8

Name	Operator	Version
github.com/golang/go	eq	go1.14beta1-go1.15beta1
github.com/golang/go	le	1.13.0
go:3.11	eq	1.13.10-r0
go:3.11	eq	1.13.4-r1
go:3.12	eq	1.13.11-r0
golang-1.14:devel	eq	1.14.4-1ubuntu2
go-toolset-1.13-golang	eq	1.13.4__4.el7.1
go-toolset-1.13	eq	1.13.4__3.el7
golang-1.14:groovy	eq	1.14.4-1ubuntu2
runc	eq	1.0.0__62.rc8.rhaos4.1.git3cbe540.el8