CVE-2020-28362
Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
7.5CVSS
7.5AI Score
0.005EPSS
CVE-2020-28366
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file.
8AI Score
0.01EPSS