Vulnerabilities > CVE-2020-16845 - Infinite Loop vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
golang
opensuse
debian
fedoraproject
CWE-835
NVD
Published: 2020-08-06
Updated: 2023-11-07

Summary

Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.

Vulnerable Configurations

Part Description Count
Application
Golang
177
OS
Opensuse
2
OS
Debian
2
OS
Fedoraproject
2

Common Weakness Enumeration (CWE)

References