Vulnerability Details CVE-2020-28851
In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References