CVE-2020-16845

Published: Aug 6, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://groups.google.com/forum/#%21topic/golang-announce/_ulYYcIWg3Q

x_refsource_MISC

openSUSE-SU-2020:1178

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2020:1194

vendor-advisory

x_refsource_SUSE

FEDORA-2020-e384830a0d

vendor-advisory

x_refsource_FEDORA

FEDORA-2020-deff052e7a

vendor-advisory

x_refsource_FEDORA

FEDORA-2020-a55f130272

vendor-advisory

x_refsource_FEDORA

FEDORA-2020-b190375a37

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2020:1405

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2020:1407

vendor-advisory

x_refsource_SUSE

[debian-lts-announce] 20201121 [SECURITY] [DLA 2459-1] golang-1.7 security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20201121 [SECURITY] [DLA 2460-1] golang-1.8 security update

mailing-list

x_refsource_MLIST

DSA-4848

vendor-advisory

x_refsource_DEBIAN

https://www.oracle.com/security-alerts/cpuApr2021.html

x_refsource_MISC

https://groups.google.com/forum/#%21topic/golang-announce/NyPIaucMgXo

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20200924-0002/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-16845

Description

Affected Products

References