CVE-2020-24553

ADVISORY - nist

Summary

Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.

EPSS Score⁠: 0.00184 (0.405)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-79⁠

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADVISORY - redhat

CWE-79⁠

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Impacted images

Advisories

GoLang

CREATED

4 years ago

UPDATED

1 year ago

ADVISORY IDGO-2021-0226⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
stdlib	golang	-	-	<1.14.8	1.14.8
stdlib	golang	-	-	>=1.15.0-0,<1.15.1	1.15.1

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

5 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2020-24553⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-79⁠

CVSS SCORE

6.1medium

Alpine

CREATED

5 years ago

UPDATED

18 hours ago

ADVISORY IDCVE-2020-24553⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

5 years ago

UPDATED

1 month ago

ADVISORY IDCVE-2020-24553⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

5 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2020-24553⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.1low

GoLang

CREATED

4 years ago

UPDATED

3 years ago

ADVISORY IDGO-2021-0143⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Amazon

CREATED

5 years ago

UPDATED

5 years ago

ADVISORY IDALAS-2020-1445⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

5 years ago

UPDATED

5 years ago

ADVISORY IDALAS2-2020-1554⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY ID

BIT-2020-24553

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

2 years ago

UPDATED

7 months ago

ADVISORY ID

BIT-golang-2020-24553

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.1medium

Red Hat

CREATED

5 years ago

UPDATED

8 months ago

ADVISORY IDCVE-2020-24553⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-79⁠

CVSS SCORE

6.1medium

Oracle

CREATED

5 years ago

UPDATED

5 years ago

ADVISORY IDELSA-2020-5493⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

intheWild

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY IDCVE-2020-24553⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY