VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-chcx-jfyc-aaaf

Essentials
Severities (123)
References (35)
Severity details (37)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-chcx-jfyc-aaaf
Aliases	CVE-2020-7919 GHSA-cjjc-xp8v-855w
Summary	Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-295	Improper Certificate Validation
CWE-190	Integer Overflow or Wraparound

System	Score	Found at
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-7919.html
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7919.json
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.0048	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.00627	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01100	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01100	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01100	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01100	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01153	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01408	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01408	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01408	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01408	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01408	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01408	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01408	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01408	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01408	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01408	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01408	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
epss	0.01408	https://api.first.org/data/v1/epss?cve=CVE-2020-7919
rhbs	high	https://bugzilla.redhat.com/show_bug.cgi?id=1808041
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7919
cvssv3.1	7.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	7.5	https://github.com/helm/helm
generic_textual	HIGH	https://github.com/helm/helm
cvssv3.1	7.5	https://github.com/helm/helm/security/advisories/GHSA-cjjc-xp8v-855w
generic_textual	HIGH	https://github.com/helm/helm/security/advisories/GHSA-cjjc-xp8v-855w
cvssv3.1	7.5	https://go.dev/cl/216677
generic_textual	HIGH	https://go.dev/cl/216677
cvssv3.1	7.5	https://go.dev/cl/216680
generic_textual	HIGH	https://go.dev/cl/216680
cvssv3.1	7.5	https://go.dev/issue/36837
generic_textual	HIGH	https://go.dev/issue/36837
cvssv3.1	7.5	https://go.googlesource.com/go/+/b13ce14c4a6aa59b7b041ad2b6eed2d23e15b574
generic_textual	HIGH	https://go.googlesource.com/go/+/b13ce14c4a6aa59b7b041ad2b6eed2d23e15b574
cvssv3.1	7.5	https://groups.google.com/forum/#!forum/golang-announce
generic_textual	HIGH	https://groups.google.com/forum/#!forum/golang-announce
cvssv3.1	7.5	https://groups.google.com/forum/#!topic/golang-announce/Hsw4mHYc470
generic_textual	HIGH	https://groups.google.com/forum/#!topic/golang-announce/Hsw4mHYc470
cvssv3.1	7.5	https://groups.google.com/forum/#!topic/golang-announce/-sdUB4VEQkA
generic_textual	HIGH	https://groups.google.com/forum/#!topic/golang-announce/-sdUB4VEQkA
cvssv3.1	7.5	https://groups.google.com/g/golang-announce/c/Hsw4mHYc470
generic_textual	HIGH	https://groups.google.com/g/golang-announce/c/Hsw4mHYc470
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S43VLYRURELDWX4D5RFOYBNFGO6CGBBC
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S43VLYRURELDWX4D5RFOYBNFGO6CGBBC
cvssv2	7.8	https://nvd.nist.gov/vuln/detail/CVE-2020-7919
cvssv3	7.5	https://nvd.nist.gov/vuln/detail/CVE-2020-7919
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2020-7919
cvssv3.1	7.5	https://pkg.go.dev/vuln/GO-2022-0229
generic_textual	HIGH	https://pkg.go.dev/vuln/GO-2022-0229
cvssv3.1	7.5	https://security.netapp.com/advisory/ntap-20200327-0001
generic_textual	HIGH	https://security.netapp.com/advisory/ntap-20200327-0001
cvssv3.1	7.5	https://www.debian.org/security/2021/dsa-4848
generic_textual	HIGH	https://www.debian.org/security/2021/dsa-4848
cvssv3.1	7.5	https://www.oracle.com/security-alerts/cpuApr2021.html
generic_textual	HIGH	https://www.oracle.com/security-alerts/cpuApr2021.html

Reference id	Reference type	URL
		http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-7919.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7919.json
		https://api.first.org/data/v1/epss?cve=CVE-2020-7919
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15586
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16845
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7919
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3114
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/helm/helm
		https://github.com/helm/helm/security/advisories/GHSA-cjjc-xp8v-855w
		https://go.dev/cl/216677
		https://go.dev/cl/216680
		https://go.dev/issue/36837
		https://go.googlesource.com/go/+/b13ce14c4a6aa59b7b041ad2b6eed2d23e15b574
		https://groups.google.com/forum/#%21forum/golang-announce
		https://groups.google.com/forum/#%21topic/golang-announce/Hsw4mHYc470
		https://groups.google.com/forum/#%21topic/golang-announce/-sdUB4VEQkA
		https://groups.google.com/forum/#!forum/golang-announce
		https://groups.google.com/forum/#!topic/golang-announce/Hsw4mHYc470
		https://groups.google.com/forum/#!topic/golang-announce/-sdUB4VEQkA
		https://groups.google.com/g/golang-announce/c/Hsw4mHYc470
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S43VLYRURELDWX4D5RFOYBNFGO6CGBBC/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S43VLYRURELDWX4D5RFOYBNFGO6CGBBC
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S43VLYRURELDWX4D5RFOYBNFGO6CGBBC/
		https://pkg.go.dev/vuln/GO-2022-0229
		https://security.netapp.com/advisory/ntap-20200327-0001
		https://security.netapp.com/advisory/ntap-20200327-0001/
		https://www.debian.org/security/2021/dsa-4848
		https://www.oracle.com/security-alerts/cpuApr2021.html
1808041		https://bugzilla.redhat.com/show_bug.cgi?id=1808041
cpe:2.3:a:golang:go::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:golang:go::::::::
cpe:2.3:a:netapp:cloud_insights_telegraf:-:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_insights_telegraf:-:::::::*
cpe:2.3:o:debian:debian_linux:10.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
cpe:2.3:o:fedoraproject:fedora:31:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
CVE-2020-7919		https://nvd.nist.gov/vuln/detail/CVE-2020-7919

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7919.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/helm/helm

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/helm/helm/security/advisories/GHSA-cjjc-xp8v-855w

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://go.dev/cl/216677

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://go.dev/cl/216680

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://go.dev/issue/36837

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://go.googlesource.com/go/+/b13ce14c4a6aa59b7b041ad2b6eed2d23e15b574

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://groups.google.com/forum/#!forum/golang-announce

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://groups.google.com/forum/#!topic/golang-announce/Hsw4mHYc470

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://groups.google.com/forum/#!topic/golang-announce/-sdUB4VEQkA

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://groups.google.com/g/golang-announce/c/Hsw4mHYc470

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S43VLYRURELDWX4D5RFOYBNFGO6CGBBC

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2020-7919

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2020-7919

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2020-7919

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://pkg.go.dev/vuln/GO-2022-0229

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.netapp.com/advisory/ntap-20200327-0001

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2021/dsa-4848

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://www.oracle.com/security-alerts/cpuApr2021.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.63996
EPSS Score	0.0048
Published At	May 26, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.