Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4210 matches found

OSV
OSVadded 2020/12/14 8:15 p.m.23 views

CVE-2020-29509

The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

5.6CVSS6.5AI score
Exploits0References2
OSV
OSVadded 2020/12/14 8:15 p.m.1 views

DEBIAN-CVE-2020-29511

The encoding/xml package in Go all versions does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS7.3AI score0.00187EPSS
Exploits0References1
OSV
OSVadded 2020/12/14 8:15 p.m.24 views

CVE-2020-29511

The encoding/xml package in Go all versions does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

5.6CVSS6.5AI score
Exploits0References2
OSV
OSVadded 2020/12/14 8:15 p.m.3 views

AZL-78900 CVE-2020-29509 affecting package golang 1.25.7-1

The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

5.6CVSS6.8AI score0.00187EPSS
Exploits0References1
OSV
OSVadded 2020/12/14 8:15 p.m.2 views

AZL-6449 CVE-2020-29511 affecting package golang for versions less than 1.20.10-1

The encoding/xml package in Go all versions does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

5.6CVSS6.8AI score0.00187EPSS
Exploits0References1
OSV
OSVadded 2020/12/14 8:15 p.m.1 views

UBUNTU-CVE-2020-29511

The encoding/xml package in Go all versions does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS6.9AI score0.00187EPSS
Exploits0References3
Prion
Prionadded 2020/12/14 8:15 p.m.28 views

Code injection

The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

6.8CVSS5.6AI score0.00187EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2020/12/14 8:15 p.m.0 views

UBUNTU-CVE-2020-29509

The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS6.9AI score0.00187EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2020/12/14 8:15 p.m.24 views

CVE-2020-29511

The encoding/xml package in Go all versions does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS6.9AI score0.00187EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2020/12/14 8:15 p.m.332 views

CVE-2020-29509

The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS6.9AI score0.00187EPSS
Exploits0References3
CVE
CVEadded 2020/12/14 8:2 p.m.244 views

CVE-2020-29509

CVE-2020-29509 affects the Go encoding/xml package (all versions) where tokenization round-trips do not preserve attribute namespace prefixes, enabling inputs that behave inconsistently across processing stages in affected downstream applications. Connected sources confirm the vulnerability in Go...

9.8CVSS6.1AI score0.00187EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinuxadded 2020/12/14 8:2 p.m.44 views

CVE-2020-29509

The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS6.4AI score0.00187EPSS
Exploits0
Cvelist
Cvelistadded 2020/12/14 7:59 p.m.22 views

CVE-2020-29511

The encoding/xml package in Go all versions does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS8.4AI score0.00187EPSS
Exploits0References2
CVE
CVEadded 2020/12/14 7:59 p.m.229 views

CVE-2020-29511

CVE-2020-29511 affects the Go standard library encoding/xml. The initial description states that all Go versions fail to preserve the semantics of element namespace prefixes during tokenization round-trips, enabling inputs that may behave inconsistently across processing stages in affected downst...

9.8CVSS6.1AI score0.00187EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2020/12/14 7:59 p.m.27 views

CVE-2020-29511

The encoding/xml package in Go all versions does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS7.4AI score0.00187EPSS
Exploits0
AlpineLinux
AlpineLinuxadded 2020/12/14 7:59 p.m.50 views

CVE-2020-29511

The encoding/xml package in Go all versions does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS6.4AI score0.00187EPSS
Exploits0
CNNVD
CNNVDadded 2020/12/14 12:0 a.m.7 views

Google Go encoding security vulnerability

Google Go encoding is a code library from Google Inc. that provides multiple forms of encoding for data based on the Go language. A security vulnerability exists in the Go encoding/xml package that stems from not properly preserving the semantics of attribute namespace prefixes during tokenizatio...

9.8CVSS6.9AI score0.00187EPSS
Exploits0References4
CNNVD
CNNVDadded 2020/12/14 12:0 a.m.3 views

Google Go encoding security vulnerability

Google Go encoding is a code library from Google Inc. that provides multiple forms of encoding for data based on the Go language. A security vulnerability exists in the Go encoding/xml package that stems from not properly preserving the semantics of element namespace prefixes, which can be...

9.8CVSS6.9AI score0.00187EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2020/12/14 12:0 a.m.2 views

PT-2020-17182 · Go +1 · Encoding/Xml Package +1

Name of the Vulnerable Software and Affected Versions: encoding/xml package in Go all versions Description: The issue arises from the encoding/xml package in Go not correctly preserving the semantics of element namespace prefixes during tokenization round-trips. This allows an attacker to craft...

9.8CVSS7AI score0.00187EPSS
Exploits0References16
Tenable Nessus
Tenable Nessusadded 2020/12/09 12:0 a.m.89 views

SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2020:3460-1)

This update for java-180-openjdk fixes the following issues : Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 - New features + JDK-8245468: Add...

8.3CVSS6.9AI score0.01018EPSS
Exploits0References35
Rows per page
Query Builder