Search for vulnerabilities
Vulnerability details: VCID-uwa2-eyvn-aaaj
Vulnerability ID VCID-uwa2-eyvn-aaaj
Aliases CVE-2020-28362
Summary Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-295 Improper Certificate Validation
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5333
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5493
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5633
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5634
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0037
rhas Important https://access.redhat.com/errata/RHSA-2021:0038
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0039
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0145
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0146
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0172
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0436
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0568
rhas Moderate https://access.redhat.com/errata/RHSA-2021:0799
rhas Low https://access.redhat.com/errata/RHSA-2021:0956
rhas Moderate https://access.redhat.com/errata/RHSA-2021:1366
rhas Moderate https://access.redhat.com/errata/RHSA-2021:1551
rhas Moderate https://access.redhat.com/errata/RHSA-2021:2041
rhas Moderate https://access.redhat.com/errata/RHSA-2021:2042
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28362.json
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00388 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00646 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00646 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00646 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
epss 0.00646 https://api.first.org/data/v1/epss?cve=CVE-2020-28362
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2020-28362
cvssv3 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-28362
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-28362
archlinux High https://security.archlinux.org/AVG-1278
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28362.json
https://api.first.org/data/v1/epss?cve=CVE-2020-28362
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28362
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://groups.google.com/g/golang-nuts/c/c-ssaaS7RMI
https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E
https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd%40%3Cissues.trafficcontrol.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2W4COUPL3YVTZ6RTEIT6LPBDJUFF3VSP/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3ZSHGNTJWCWYAKY5OLZS2XQQYHSXSUO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2W4COUPL3YVTZ6RTEIT6LPBDJUFF3VSP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F3ZSHGNTJWCWYAKY5OLZS2XQQYHSXSUO/
https://security.netapp.com/advisory/ntap-20201202-0004/
https://www.arista.com/en/support/advisories-notices/security-advisories/12166-security-advisory-62
ASA-202011-16 https://security.archlinux.org/ASA-202011-16
AVG-1278 https://security.archlinux.org/AVG-1278
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
CVE-2020-28362 https://nvd.nist.gov/vuln/detail/CVE-2020-28362
RHBA-2021:0482 https://bugzilla.redhat.com/show_bug.cgi?id=1897635
RHSA-2020:5333 https://access.redhat.com/errata/RHSA-2020:5333
RHSA-2020:5493 https://access.redhat.com/errata/RHSA-2020:5493
RHSA-2020:5633 https://access.redhat.com/errata/RHSA-2020:5633
RHSA-2020:5634 https://access.redhat.com/errata/RHSA-2020:5634
RHSA-2021:0037 https://access.redhat.com/errata/RHSA-2021:0037
RHSA-2021:0038 https://access.redhat.com/errata/RHSA-2021:0038
RHSA-2021:0039 https://access.redhat.com/errata/RHSA-2021:0039
RHSA-2021:0145 https://access.redhat.com/errata/RHSA-2021:0145
RHSA-2021:0146 https://access.redhat.com/errata/RHSA-2021:0146
RHSA-2021:0172 https://access.redhat.com/errata/RHSA-2021:0172
RHSA-2021:0436 https://access.redhat.com/errata/RHSA-2021:0436
RHSA-2021:0568 https://access.redhat.com/errata/RHSA-2021:0568
RHSA-2021:0706 https://access.redhat.com/errata/RHSA-2021:0706
RHSA-2021:0799 https://access.redhat.com/errata/RHSA-2021:0799
RHSA-2021:0956 https://access.redhat.com/errata/RHSA-2021:0956
RHSA-2021:1366 https://access.redhat.com/errata/RHSA-2021:1366
RHSA-2021:1551 https://access.redhat.com/errata/RHSA-2021:1551
RHSA-2021:2041 https://access.redhat.com/errata/RHSA-2021:2041
RHSA-2021:2042 https://access.redhat.com/errata/RHSA-2021:2042
RHSA-2021:2532 https://access.redhat.com/errata/RHSA-2021:2532
RHSA-2021:2543 https://access.redhat.com/errata/RHSA-2021:2543
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28362.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2020-28362
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2020-28362
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2020-28362
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.32291
EPSS Score 0.0015
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.