CVE-2020-28851 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
In golang-golang-x-text before version 0.3.6, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
Group Package Affected Fixed Severity Status Ticket
AVG-1396 golang-golang-x-text 0.3.3-2 Medium Unknown FS#70320
References
https://github.com/golang/go/issues/42535
https://play.golang.org/p/FCHj_rCBdiH
https://github.com/golang/text/commit/e3aa4adf54f644ca0cb35f1f1fb19b239c40ef04