Trident Security Vulnerabilities and Issues — Trident CVE List

Lucene search

NetappTrident

5 matches found

CVE•added 2020/11/18 5:15 p.m.•426 views

CVE-2020-28362

Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.

7.5CVSS7.5AI score0.0015EPSS

CVE•added 2020/11/18 5:15 p.m.•232 views

CVE-2020-28366

Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file.

7.5CVSS8.1AI score0.00218EPSS

CVE•added 2020/12/14 8:15 p.m.•223 views

CVE-2020-29509

The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS6.1AI score0.0033EPSS

CVE•added 2020/12/14 8:15 p.m.•211 views

CVE-2020-29511

The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.

9.8CVSS6.1AI score0.0033EPSS

CVE•added 2020/12/14 8:15 p.m.•90 views

CVE-2020-29510

The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.

9.8CVSS6.1AI score0.00166EPSS