CVE-2020-28852 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	In golang-golang-x-text before version 0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1396	golang-golang-x-text	0.3.3-2		Medium	Vulnerable	FS#70320

References
https://github.com/golang/go/issues/42536 https://play.golang.org/p/SwAU9tKYRsj https://github.com/golang/text/commit/4482a914f52311356f6f4b7a695d4075ca22c0c6