CVE-2020-15586

ADVISORY - nist

Summary

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.

EPSS Score⁠: 0.00614 (0.690)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-362⁠

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

ADVISORY - redhat

CWE-362⁠

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Impacted images

Advisories

GoLang

CREATED

4 years ago

UPDATED

1 year ago

ADVISORY IDGO-2021-0224⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
stdlib	golang	-	-	<1.13.13	1.13.13
stdlib	golang	-	-	>=1.14.0-0,<1.14.5	1.14.5

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

5 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2020-15586⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-362⁠

CVSS SCORE

5.9medium

Alpine

CREATED

5 years ago

UPDATED

16 hours ago

ADVISORY IDCVE-2020-15586⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

5 years ago

UPDATED

1 month ago

ADVISORY IDCVE-2020-15586⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

5 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2020-15586⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.9low

GoLang

CREATED

4 years ago

UPDATED

3 years ago

ADVISORY IDGO-2021-0141⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Amazon

CREATED

5 years ago

UPDATED

5 years ago

ADVISORY IDALAS-2020-1417⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

5 years ago

UPDATED

5 years ago

ADVISORY IDALAS2-2020-1479⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY ID

BIT-2020-15586

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

2 years ago

UPDATED

7 months ago

ADVISORY ID

BIT-golang-2020-15586

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.9medium

Red Hat

CREATED

5 years ago

UPDATED

8 months ago

ADVISORY IDCVE-2020-15586⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-362⁠

CVSS SCORE

5.9medium

Oracle

CREATED

5 years ago

UPDATED

5 years ago

ADVISORY IDELSA-2020-3665⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium