AVG-1357 log

Package go
Status Vulnerable
Severity Medium
Type incorrect calculation
Affected 2:1.16.3-1
Fixed Unknown
Current 2:1.16.3-1 [community]
Ticket Create
Created Mon Dec 14 20:05:03 2020
Issue Severity Remote Type Description
CVE-2020-29511 Medium No Incorrect calculation
Go's encoding/xml handles namespace prefixes on XML elements in a way that causes crafted markup to mutate during round-trips through the xml.Decoder and...
CVE-2020-29510 Medium Yes Incorrect calculation
Go's encoding/xml handles XML directives in a way that causes crafted markup to mutate during round-trips through the xml.Decoder and xml.Encoder...
CVE-2020-29509 Medium Yes Incorrect calculation
Go's encoding/xml handles namespace prefixes on XML attributes in a way that causes crafted markup to mutate during round-trips through the xml.Decoder and...
References
https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/
https://github.com/golang/go/issues/43168