High severityNVD Advisory· Published Aug 23, 2020· Updated Sep 17, 2024
Denial of Service (DoS)
CVE-2020-7711
Description
This affects all versions of package github.com/russellhaering/goxmldsig. There is a crash on nil-pointer dereference caused by sending malformed XML signatures.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/russellhaering/goxmldsigGo | < 1.1.1 | 1.1.1 |
github.com/russellhaering/gosaml2Go | < 0.7.0 | 0.7.0 |
Affected products
3- github.com/russellhaering/goxmldsigdescription
- ghsa-coords2 versions
< 0.7.0+ 1 more
- (no CPE)range: < 0.7.0
- (no CPE)range: < 1.1.1
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-mqqv-chpx-vq25ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-7711ghsaADVISORY
- github.com/russellhaering/gosaml2/issues/59ghsaWEB
- github.com/russellhaering/goxmldsig/issues/48ghsax_refsource_MISCWEB
- pkg.go.dev/vuln/GO-2020-0046ghsaWEB
- snyk.io/vuln/SNYK-GOLANG-GITHUBCOMRUSSELLHAERINGGOXMLDSIG-608301ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.