Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/golang-golang-x-text@0.36.0-1?distro=trixie
Typedeb
Namespacedebian
Namegolang-golang-x-text
Version0.36.0-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2dh6-y93r-2ucc
vulnerability_id VCID-2dh6-y93r-2ucc
summary 
golang.org/x/text/language Out-of-bounds Read vulnerability
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38561.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38561.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-38561
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.16551
published_at 2026-04-18T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.16562
published_at 2026-04-01T12:55:00Z
2
value 0.00053
scoring_system epss
scoring_elements 0.16742
published_at 2026-04-02T12:55:00Z
3
value 0.00053
scoring_system epss
scoring_elements 0.16802
published_at 2026-04-04T12:55:00Z
4
value 0.00053
scoring_system epss
scoring_elements 0.16589
published_at 2026-04-21T12:55:00Z
5
value 0.00053
scoring_system epss
scoring_elements 0.16673
published_at 2026-04-08T12:55:00Z
6
value 0.00053
scoring_system epss
scoring_elements 0.16728
published_at 2026-04-09T12:55:00Z
7
value 0.00053
scoring_system epss
scoring_elements 0.16707
published_at 2026-04-11T12:55:00Z
8
value 0.00053
scoring_system epss
scoring_elements 0.16665
published_at 2026-04-12T12:55:00Z
9
value 0.00053
scoring_system epss
scoring_elements 0.16607
published_at 2026-04-13T12:55:00Z
10
value 0.00053
scoring_system epss
scoring_elements 0.16543
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-38561
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38561
3
reference_url https://deps.dev/advisory/OSV/GO-2021-0113
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:13:55Z/
url https://deps.dev/advisory/OSV/GO-2021-0113
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://go.dev/cl/340830
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/340830
6
reference_url https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:13:55Z/
url https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
7
reference_url https://groups.google.com/g/golang-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:13:55Z/
url https://groups.google.com/g/golang-announce
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-38561
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-38561
9
reference_url https://pkg.go.dev/golang.org/x/text/language
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:13:55Z/
url https://pkg.go.dev/golang.org/x/text/language
10
reference_url https://pkg.go.dev/vuln/GO-2021-0113
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2021-0113
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2100495
reference_id 2100495
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2100495
12
reference_url https://access.redhat.com/errata/RHSA-2022:5070
reference_id RHSA-2022:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5070
13
reference_url https://access.redhat.com/errata/RHSA-2022:5525
reference_id RHSA-2022:5525
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5525
14
reference_url https://access.redhat.com/errata/RHSA-2022:5556
reference_id RHSA-2022:5556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5556
15
reference_url https://access.redhat.com/errata/RHSA-2022:5908
reference_id RHSA-2022:5908
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5908
16
reference_url https://access.redhat.com/errata/RHSA-2022:5909
reference_id RHSA-2022:5909
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5909
17
reference_url https://access.redhat.com/errata/RHSA-2022:6051
reference_id RHSA-2022:6051
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6051
18
reference_url https://access.redhat.com/errata/RHSA-2022:6263
reference_id RHSA-2022:6263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6263
19
reference_url https://access.redhat.com/errata/RHSA-2022:6287
reference_id RHSA-2022:6287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6287
20
reference_url https://access.redhat.com/errata/RHSA-2022:6318
reference_id RHSA-2022:6318
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6318
21
reference_url https://access.redhat.com/errata/RHSA-2022:6526
reference_id RHSA-2022:6526
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6526
22
reference_url https://access.redhat.com/errata/RHSA-2022:6537
reference_id RHSA-2022:6537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6537
23
reference_url https://access.redhat.com/errata/RHSA-2022:7399
reference_id RHSA-2022:7399
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7399
24
reference_url https://access.redhat.com/errata/RHSA-2022:7401
reference_id RHSA-2022:7401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7401
25
reference_url https://access.redhat.com/errata/RHSA-2023:0245
reference_id RHSA-2023:0245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0245
26
reference_url https://access.redhat.com/errata/RHSA-2023:0407
reference_id RHSA-2023:0407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0407
27
reference_url https://access.redhat.com/errata/RHSA-2023:0408
reference_id RHSA-2023:0408
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0408
28
reference_url https://access.redhat.com/errata/RHSA-2023:0566
reference_id RHSA-2023:0566
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0566
29
reference_url https://access.redhat.com/errata/RHSA-2023:0652
reference_id RHSA-2023:0652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0652
30
reference_url https://access.redhat.com/errata/RHSA-2023:0774
reference_id RHSA-2023:0774
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0774
31
reference_url https://access.redhat.com/errata/RHSA-2023:0890
reference_id RHSA-2023:0890
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0890
32
reference_url https://access.redhat.com/errata/RHSA-2023:0895
reference_id RHSA-2023:0895
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0895
33
reference_url https://access.redhat.com/errata/RHSA-2023:1326
reference_id RHSA-2023:1326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1326
34
reference_url https://access.redhat.com/errata/RHSA-2023:1328
reference_id RHSA-2023:1328
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1328
35
reference_url https://access.redhat.com/errata/RHSA-2023:1409
reference_id RHSA-2023:1409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1409
36
reference_url https://access.redhat.com/errata/RHSA-2023:1504
reference_id RHSA-2023:1504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1504
37
reference_url https://access.redhat.com/errata/RHSA-2023:3542
reference_id RHSA-2023:3542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3542
38
reference_url https://access.redhat.com/errata/RHSA-2023:4310
reference_id RHSA-2023:4310
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4310
39
reference_url https://usn.ubuntu.com/5873-1/
reference_id USN-5873-1
reference_type
scores
url https://usn.ubuntu.com/5873-1/
fixed_packages
0
url pkg:deb/debian/golang-golang-x-text@0.3.7-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.3.7-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.3.7-1%3Fdistro=trixie
1
url pkg:deb/debian/golang-golang-x-text@0.7.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.7.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.7.0-1%3Fdistro=trixie
2
url pkg:deb/debian/golang-golang-x-text@0.22.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.22.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.22.0-1%3Fdistro=trixie
3
url pkg:deb/debian/golang-golang-x-text@0.35.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.35.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.35.0-1%3Fdistro=trixie
4
url pkg:deb/debian/golang-golang-x-text@0.36.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.36.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.36.0-1%3Fdistro=trixie
aliases CVE-2021-38561, GHSA-ppp9-7jff-5vj2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2dh6-y93r-2ucc
1
url VCID-6rzu-td8d-1ycn
vulnerability_id VCID-6rzu-td8d-1ycn
summary Multiple vulnerabilities have been discovered in Gitea, the worst of which could lead to denial of service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32149.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32149.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-32149
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17028
published_at 2026-04-08T12:55:00Z
1
value 0.00054
scoring_system epss
scoring_elements 0.16894
published_at 2026-04-18T12:55:00Z
2
value 0.00054
scoring_system epss
scoring_elements 0.16891
published_at 2026-04-16T12:55:00Z
3
value 0.00054
scoring_system epss
scoring_elements 0.16954
published_at 2026-04-13T12:55:00Z
4
value 0.00054
scoring_system epss
scoring_elements 0.17015
published_at 2026-04-12T12:55:00Z
5
value 0.00054
scoring_system epss
scoring_elements 0.17108
published_at 2026-04-02T12:55:00Z
6
value 0.00054
scoring_system epss
scoring_elements 0.17061
published_at 2026-04-11T12:55:00Z
7
value 0.00054
scoring_system epss
scoring_elements 0.17161
published_at 2026-04-04T12:55:00Z
8
value 0.00054
scoring_system epss
scoring_elements 0.16939
published_at 2026-04-07T12:55:00Z
9
value 0.00054
scoring_system epss
scoring_elements 0.17086
published_at 2026-04-09T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17422
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-32149
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/golang/go/issues/56152
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/golang/go/issues/56152
5
reference_url https://github.com/golang/text
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/golang/text
6
reference_url https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c
7
reference_url https://go.dev/cl/442235
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T20:34:55Z/
url https://go.dev/cl/442235
8
reference_url https://go.dev/issue/56152
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T20:34:55Z/
url https://go.dev/issue/56152
9
reference_url https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T20:34:55Z/
url https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-32149
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-32149
11
reference_url https://pkg.go.dev/vuln/GO-2022-1059
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T20:34:55Z/
url https://pkg.go.dev/vuln/GO-2022-1059
12
reference_url https://security.netapp.com/advisory/ntap-20230203-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230203-0006
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021785
reference_id 1021785
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021785
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2134010
reference_id 2134010
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2134010
15
reference_url https://security.gentoo.org/glsa/202210-14
reference_id GLSA-202210-14
reference_type
scores
url https://security.gentoo.org/glsa/202210-14
16
reference_url https://access.redhat.com/errata/RHSA-2022:6882
reference_id RHSA-2022:6882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6882
17
reference_url https://access.redhat.com/errata/RHSA-2022:7407
reference_id RHSA-2022:7407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7407
18
reference_url https://access.redhat.com/errata/RHSA-2022:7434
reference_id RHSA-2022:7434
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7434
19
reference_url https://access.redhat.com/errata/RHSA-2022:7435
reference_id RHSA-2022:7435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7435
20
reference_url https://access.redhat.com/errata/RHSA-2023:0692
reference_id RHSA-2023:0692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0692
21
reference_url https://access.redhat.com/errata/RHSA-2023:0693
reference_id RHSA-2023:0693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0693
22
reference_url https://access.redhat.com/errata/RHSA-2023:1042
reference_id RHSA-2023:1042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1042
23
reference_url https://access.redhat.com/errata/RHSA-2023:3204
reference_id RHSA-2023:3204
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3204
24
reference_url https://access.redhat.com/errata/RHSA-2023:3205
reference_id RHSA-2023:3205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3205
25
reference_url https://access.redhat.com/errata/RHSA-2023:3613
reference_id RHSA-2023:3613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3613
26
reference_url https://access.redhat.com/errata/RHSA-2024:1994
reference_id RHSA-2024:1994
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1994
27
reference_url https://usn.ubuntu.com/5873-1/
reference_id USN-5873-1
reference_type
scores
url https://usn.ubuntu.com/5873-1/
fixed_packages
0
url pkg:deb/debian/golang-golang-x-text@0.3.8-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.3.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.3.8-1%3Fdistro=trixie
1
url pkg:deb/debian/golang-golang-x-text@0.7.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.7.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.7.0-1%3Fdistro=trixie
2
url pkg:deb/debian/golang-golang-x-text@0.22.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.22.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.22.0-1%3Fdistro=trixie
3
url pkg:deb/debian/golang-golang-x-text@0.35.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.35.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.35.0-1%3Fdistro=trixie
4
url pkg:deb/debian/golang-golang-x-text@0.36.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.36.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.36.0-1%3Fdistro=trixie
aliases CVE-2022-32149, GHSA-69ch-w2m2-3vjp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6rzu-td8d-1ycn
2
url VCID-hvfd-h9rm-jkbw
vulnerability_id VCID-hvfd-h9rm-jkbw
summary golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28852.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28852.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28852
reference_id
reference_type
scores
0
value 0.00107
scoring_system epss
scoring_elements 0.28995
published_at 2026-04-01T12:55:00Z
1
value 0.00107
scoring_system epss
scoring_elements 0.29072
published_at 2026-04-02T12:55:00Z
2
value 0.00107
scoring_system epss
scoring_elements 0.29123
published_at 2026-04-04T12:55:00Z
3
value 0.00107
scoring_system epss
scoring_elements 0.28934
published_at 2026-04-07T12:55:00Z
4
value 0.00107
scoring_system epss
scoring_elements 0.28999
published_at 2026-04-08T12:55:00Z
5
value 0.00107
scoring_system epss
scoring_elements 0.29042
published_at 2026-04-09T12:55:00Z
6
value 0.00107
scoring_system epss
scoring_elements 0.29046
published_at 2026-04-11T12:55:00Z
7
value 0.00107
scoring_system epss
scoring_elements 0.29001
published_at 2026-04-12T12:55:00Z
8
value 0.00107
scoring_system epss
scoring_elements 0.28952
published_at 2026-04-13T12:55:00Z
9
value 0.00107
scoring_system epss
scoring_elements 0.28976
published_at 2026-04-16T12:55:00Z
10
value 0.00107
scoring_system epss
scoring_elements 0.28954
published_at 2026-04-18T12:55:00Z
11
value 0.00107
scoring_system epss
scoring_elements 0.28908
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28852
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1913338
reference_id 1913338
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1913338
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980002
reference_id 980002
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980002
6
reference_url https://access.redhat.com/errata/RHSA-2021:2438
reference_id RHSA-2021:2438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2438
7
reference_url https://access.redhat.com/errata/RHSA-2022:0577
reference_id RHSA-2022:0577
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0577
8
reference_url https://access.redhat.com/errata/RHSA-2022:1276
reference_id RHSA-2022:1276
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1276
9
reference_url https://access.redhat.com/errata/RHSA-2022:7129
reference_id RHSA-2022:7129
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7129
10
reference_url https://access.redhat.com/errata/RHSA-2022:7954
reference_id RHSA-2022:7954
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7954
11
reference_url https://usn.ubuntu.com/5873-1/
reference_id USN-5873-1
reference_type
scores
url https://usn.ubuntu.com/5873-1/
fixed_packages
0
url pkg:deb/debian/golang-golang-x-text@0.3.5-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.3.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.3.5-1%3Fdistro=trixie
1
url pkg:deb/debian/golang-golang-x-text@0.3.6-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.3.6-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dh6-y93r-2ucc
1
vulnerability VCID-6rzu-td8d-1ycn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.3.6-1%3Fdistro=trixie
2
url pkg:deb/debian/golang-golang-x-text@0.7.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.7.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.7.0-1%3Fdistro=trixie
3
url pkg:deb/debian/golang-golang-x-text@0.22.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.22.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.22.0-1%3Fdistro=trixie
4
url pkg:deb/debian/golang-golang-x-text@0.35.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.35.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.35.0-1%3Fdistro=trixie
5
url pkg:deb/debian/golang-golang-x-text@0.36.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.36.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.36.0-1%3Fdistro=trixie
aliases CVE-2020-28852
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hvfd-h9rm-jkbw
3
url VCID-n82z-sfd6-x3af
vulnerability_id VCID-n82z-sfd6-x3af
summary 
golang.org/x/text Infinite loop
Go version v0.3.3 of the x/text package fixes a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.

### Specific Go Packages Affected
golang.org/x/text/encoding/unicode
golang.org/x/text/transform
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14040.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14040.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14040
reference_id
reference_type
scores
0
value 8e-05
scoring_system epss
scoring_elements 0.00685
published_at 2026-04-21T12:55:00Z
1
value 8e-05
scoring_system epss
scoring_elements 0.00653
published_at 2026-04-11T12:55:00Z
2
value 8e-05
scoring_system epss
scoring_elements 0.00644
published_at 2026-04-18T12:55:00Z
3
value 8e-05
scoring_system epss
scoring_elements 0.00639
published_at 2026-04-16T12:55:00Z
4
value 8e-05
scoring_system epss
scoring_elements 0.00648
published_at 2026-04-13T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.00646
published_at 2026-04-12T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.00663
published_at 2026-04-01T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00667
published_at 2026-04-02T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.00659
published_at 2026-04-04T12:55:00Z
9
value 8e-05
scoring_system epss
scoring_elements 0.00662
published_at 2026-04-07T12:55:00Z
10
value 8e-05
scoring_system epss
scoring_elements 0.00661
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14040
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/golang/go/issues/39491
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/golang/go/issues/39491
5
reference_url https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
6
reference_url https://go.dev/cl/238238
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/238238
7
reference_url https://go.dev/issue/39491
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/issue/39491
8
reference_url https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
9
reference_url https://go-review.googlesource.com/c/text/+/238238
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go-review.googlesource.com/c/text/+/238238
10
reference_url https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
11
reference_url https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-14040
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-14040
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1853652
reference_id 1853652
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1853652
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964272
reference_id 964272
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964272
16
reference_url https://access.redhat.com/errata/RHSA-2020:3087
reference_id RHSA-2020:3087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3087
17
reference_url https://access.redhat.com/errata/RHSA-2020:3369
reference_id RHSA-2020:3369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3369
18
reference_url https://access.redhat.com/errata/RHSA-2020:3372
reference_id RHSA-2020:3372
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3372
19
reference_url https://access.redhat.com/errata/RHSA-2020:3578
reference_id RHSA-2020:3578
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3578
20
reference_url https://access.redhat.com/errata/RHSA-2020:3665
reference_id RHSA-2020:3665
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3665
21
reference_url https://access.redhat.com/errata/RHSA-2020:3727
reference_id RHSA-2020:3727
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3727
22
reference_url https://access.redhat.com/errata/RHSA-2020:3780
reference_id RHSA-2020:3780
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3780
23
reference_url https://access.redhat.com/errata/RHSA-2020:3783
reference_id RHSA-2020:3783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3783
24
reference_url https://access.redhat.com/errata/RHSA-2020:4214
reference_id RHSA-2020:4214
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4214
25
reference_url https://access.redhat.com/errata/RHSA-2020:4297
reference_id RHSA-2020:4297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4297
26
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
27
reference_url https://access.redhat.com/errata/RHSA-2020:4694
reference_id RHSA-2020:4694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4694
28
reference_url https://access.redhat.com/errata/RHSA-2020:5054
reference_id RHSA-2020:5054
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5054
29
reference_url https://access.redhat.com/errata/RHSA-2020:5055
reference_id RHSA-2020:5055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5055
30
reference_url https://access.redhat.com/errata/RHSA-2020:5056
reference_id RHSA-2020:5056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5056
31
reference_url https://access.redhat.com/errata/RHSA-2020:5149
reference_id RHSA-2020:5149
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5149
32
reference_url https://access.redhat.com/errata/RHSA-2020:5198
reference_id RHSA-2020:5198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5198
33
reference_url https://access.redhat.com/errata/RHSA-2020:5605
reference_id RHSA-2020:5605
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5605
34
reference_url https://access.redhat.com/errata/RHSA-2020:5606
reference_id RHSA-2020:5606
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5606
35
reference_url https://access.redhat.com/errata/RHSA-2020:5633
reference_id RHSA-2020:5633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5633
36
reference_url https://access.redhat.com/errata/RHSA-2020:5635
reference_id RHSA-2020:5635
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5635
37
reference_url https://access.redhat.com/errata/RHSA-2021:0420
reference_id RHSA-2021:0420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0420
38
reference_url https://access.redhat.com/errata/RHSA-2021:0980
reference_id RHSA-2021:0980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0980
39
reference_url https://access.redhat.com/errata/RHSA-2021:1129
reference_id RHSA-2021:1129
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1129
40
reference_url https://access.redhat.com/errata/RHSA-2021:1369
reference_id RHSA-2021:1369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1369
41
reference_url https://access.redhat.com/errata/RHSA-2021:2039
reference_id RHSA-2021:2039
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2039
42
reference_url https://usn.ubuntu.com/5873-1/
reference_id USN-5873-1
reference_type
scores
url https://usn.ubuntu.com/5873-1/
fixed_packages
0
url pkg:deb/debian/golang-golang-x-text@0.3.3-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.3.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.3.3-1%3Fdistro=trixie
1
url pkg:deb/debian/golang-golang-x-text@0.3.6-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.3.6-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dh6-y93r-2ucc
1
vulnerability VCID-6rzu-td8d-1ycn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.3.6-1%3Fdistro=trixie
2
url pkg:deb/debian/golang-golang-x-text@0.7.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.7.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.7.0-1%3Fdistro=trixie
3
url pkg:deb/debian/golang-golang-x-text@0.22.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.22.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.22.0-1%3Fdistro=trixie
4
url pkg:deb/debian/golang-golang-x-text@0.35.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.35.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.35.0-1%3Fdistro=trixie
5
url pkg:deb/debian/golang-golang-x-text@0.36.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.36.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.36.0-1%3Fdistro=trixie
aliases CVE-2020-14040, GHSA-5rcv-m4m3-hfh7
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n82z-sfd6-x3af
4
url VCID-r52s-2crw-tfbx
vulnerability_id VCID-r52s-2crw-tfbx
summary golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28851.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28851.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28851
reference_id
reference_type
scores
0
value 0.00138
scoring_system epss
scoring_elements 0.3356
published_at 2026-04-01T12:55:00Z
1
value 0.00138
scoring_system epss
scoring_elements 0.33894
published_at 2026-04-02T12:55:00Z
2
value 0.00138
scoring_system epss
scoring_elements 0.33926
published_at 2026-04-04T12:55:00Z
3
value 0.00138
scoring_system epss
scoring_elements 0.33779
published_at 2026-04-21T12:55:00Z
4
value 0.00138
scoring_system epss
scoring_elements 0.33822
published_at 2026-04-08T12:55:00Z
5
value 0.00138
scoring_system epss
scoring_elements 0.33855
published_at 2026-04-09T12:55:00Z
6
value 0.00138
scoring_system epss
scoring_elements 0.33853
published_at 2026-04-11T12:55:00Z
7
value 0.00138
scoring_system epss
scoring_elements 0.33811
published_at 2026-04-18T12:55:00Z
8
value 0.00138
scoring_system epss
scoring_elements 0.33787
published_at 2026-04-13T12:55:00Z
9
value 0.00138
scoring_system epss
scoring_elements 0.33825
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28851
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1913333
reference_id 1913333
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1913333
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980001
reference_id 980001
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980001
6
reference_url https://access.redhat.com/errata/RHSA-2022:0577
reference_id RHSA-2022:0577
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0577
7
reference_url https://access.redhat.com/errata/RHSA-2022:1276
reference_id RHSA-2022:1276
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1276
8
reference_url https://access.redhat.com/errata/RHSA-2022:1762
reference_id RHSA-2022:1762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1762
9
reference_url https://access.redhat.com/errata/RHSA-2022:7129
reference_id RHSA-2022:7129
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7129
10
reference_url https://access.redhat.com/errata/RHSA-2022:7954
reference_id RHSA-2022:7954
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7954
11
reference_url https://usn.ubuntu.com/5873-1/
reference_id USN-5873-1
reference_type
scores
url https://usn.ubuntu.com/5873-1/
fixed_packages
0
url pkg:deb/debian/golang-golang-x-text@0.3.6-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.3.6-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dh6-y93r-2ucc
1
vulnerability VCID-6rzu-td8d-1ycn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.3.6-1%3Fdistro=trixie
1
url pkg:deb/debian/golang-golang-x-text@0.7.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.7.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.7.0-1%3Fdistro=trixie
2
url pkg:deb/debian/golang-golang-x-text@0.22.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.22.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.22.0-1%3Fdistro=trixie
3
url pkg:deb/debian/golang-golang-x-text@0.35.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.35.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.35.0-1%3Fdistro=trixie
4
url pkg:deb/debian/golang-golang-x-text@0.36.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.36.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.36.0-1%3Fdistro=trixie
aliases CVE-2020-28851
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r52s-2crw-tfbx
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-text@0.36.0-1%3Fdistro=trixie