Security Advisory

CVE-2020-29510

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-14 19:57:44

Last updated 2024-09-16 16:48:42

Assigner Mattermost

State PUBLISHED

Description

The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.

← Browse all CVEs View on cve.org ↗