CVE-2020-28851 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	In golang-golang-x-text before version 0.3.6, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1396	golang-golang-x-text	0.3.3-2		Medium	Unknown	FS#70320

References
https://github.com/golang/go/issues/42535 https://play.golang.org/p/FCHj_rCBdiH https://github.com/golang/text/commit/e3aa4adf54f644ca0cb35f1f1fb19b239c40ef04