Published: 17/07/2020 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Go prior to 1.13.13 and 1.14.x prior to 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.

Vulnerable Product	Search on Vulmon	Subscribe to Product
golang go
cloudfoundry cf-deployment
cloudfoundry routing-release
debian debian linux 9.0
debian debian linux 10.0
opensuse leap 15.1
opensuse leap 15.2
fedoraproject fedora 31
fedoraproject fedora 32

Multiple security issues were discovered in the implementation of the Go programming language, which could result in denial of service and the P-224 curve implementation could generate incorrect outputs For the stable distribution (buster), these problems have been fixed in version 1116-1+deb10u4 We recommend that you upgrade your golang-111 p ...

Go before 11313 and 114x before 1145 has a data race in some net/http servers, as demonstrated by the httputilReverseProxy Handler, because it reads a request body and writes a response at the same time A flaw was found Go's net/http package Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race t ...

Synopsis Moderate: OpenShift Serverless 190 release and security update Type/Severity Security Advisory: Moderate Topic OpenShift Serverless 190 release and security update is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Sco ...

Synopsis Moderate: go-toolset:rhel8 security update Type/Severity Security Advisory: Moderate Topic An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring ...

Synopsis Moderate: OpenShift Container Platform 4520 packages and golang security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4520 is now available with updates to packages and images that fix several bugsThis release also includes a security upda ...

Synopsis Low: OpenShift Virtualization 242 Images Type/Severity Security Advisory: Low Topic Red Hat OpenShift Virtualization release 242 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security im ...

Synopsis Moderate: OpenShift Container Platform 461 package security update Type/Severity Security Advisory: Moderate Topic An update for jenkins-2-plugins, openshift-clients, podman, runc, and skopeo is now available for Red Hat OpenShift Container Platform 46Red Hat Product Security has rated this upd ...

Synopsis Moderate: Red Hat OpenShift Container Storage 46 bug fix and enhancement update Type/Severity Security Advisory: Moderate Topic An update for mcg is now available for Red Hat OpenShift Container Storage 460 on RHEL-8Red Hat Product Security has rated this update as having a security impact of M ...

Synopsis Moderate: go-toolset-113-golang security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for go-toolset-113 and go-toolset-113-golang is now available for Red Hat Developer ToolsRed Hat Product Security has rated this update as having a security impact of Moderate ...

Synopsis Low: Red Hat OpenShift Service Mesh 1111 security update Type/Severity Security Advisory: Low Topic An update is now available for OpenShift Service Mesh 11Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, ...

Synopsis Moderate: OpenShift Container Platform 4520 bug fix and golang security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4520 is now available with updates to packages and images that fix several bugsThis release includes a security update for ...

Synopsis Moderate: Red Hat OpenShift Container Storage 460 security, bug fix, enhancement update Type/Severity Security Advisory: Moderate Topic Updated images are now available for Red Hat OpenShift Container Storage 460 on Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as ha ...

Synopsis Important: Migration Toolkit for Containers (MTC) 174 security and bug fix update Type/Severity Security Advisory: Important Topic The Migration Toolkit for Containers (MTC) 174 is now availableRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) ba ...

CWE-362 https://www.cloudfoundry.org/blog/cve-2020-15586/http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html https://security.netapp.com/advisory/ntap-20200731-0005/http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html https://www.debian.org/security/2021/dsa-4848 https://www.oracle.com/security-alerts/cpuApr2021.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCR6LAKCVKL55KJQPPBBWVQGOP7RL2RW/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WIRVUHD7TJIT7JJ33FKHIVTHPYABYPHR/https://groups.google.com/forum/#%21topic/golang-announce/XZNfaiwgt2w https://groups.google.com/forum/#%21topic/golang-announce/f2c5bqrGH_g https://nvd.nist.gov https://www.debian.org/security/2021/dsa-4848

Get Started

CVE-2020-15586

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect