CVE-2020-29510 - OpenCVE

The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Golang	Go
Netapp	Trident

Configuration 1 [-]

cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md	Third Party Advisory
https://security.netapp.com/advisory/ntap-20210129-0006/	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Mattermost

Published: 2020-12-14T00:00:00

Updated: 2021-01-29T06:06:08

Reserved: 2020-12-03T00:00:00

Link: CVE-2020-29510

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-12-14T20:15:13.200

Modified: 2021-01-30T01:23:43.490

Link: CVE-2020-29510

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Go", "vendor": "Golang", "versions": [{"lessThanOrEqual": "1.15", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2020-12-14T00:00:00", "descriptions": [{"lang": "en", "value": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-115", "description": "CWE-115 Misinterpretation of Input", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-01-29T06:06:08", "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20210129-0006/"}], "source": {"discovery": "UNKNOWN"}, "workarounds": [{"lang": "en", "value": "Untrusted markup in affected applications can be validated using the github.com/mattermost/xml-roundtrip-validator module."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "responsibledisclosure@mattermost.com", "DATE_PUBLIC": "2020-12-14T08:00:00.000Z", "ID": "CVE-2020-29510", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Go", "version": {"version_data": [{"version_affected": "<=", "version_value": "1.15"}]}}]}, "vendor_name": "Golang"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-115 Misinterpretation of Input"}]}]}, "references": {"reference_data": [{"name": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md", "refsource": "MISC", "url": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"}, {"name": "https://security.netapp.com/advisory/ntap-20210129-0006/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210129-0006/"}]}, "source": {"discovery": "UNKNOWN"}, "work_around": [{"lang": "en", "value": "Untrusted markup in affected applications can be validated using the github.com/mattermost/xml-roundtrip-validator module."}]}}}, "cveMetadata": {"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "assignerShortName": "Mattermost", "cveId": "CVE-2020-29510", "datePublished": "2020-12-14T00:00:00", "dateReserved": "2020-12-03T00:00:00", "dateUpdated": "2021-01-29T06:06:08", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DAD07E9-AAF3-439E-96CE-7992B0A67182", "versionEndIncluding": "1.15", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D9A34F5-AC03-4098-A37D-AD50727DDB11", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications."}, {"lang": "es", "value": "El paquete encoding/xml en Go versiones 1.15 y anteriores no conserva correctamente la sem\u00e1ntica de las directivas durante los viajes de ida por vuelta del proceso de generaci\u00f3n de token, que permite a un atacante dise\u00f1ar entradas que se comportan de manera conflictiva durante las diferentes etapas de procesamiento en las aplicaciones previas afectadas"}], "id": "CVE-2020-29510", "lastModified": "2021-01-30T01:23:43.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}]}, "published": "2020-12-14T20:15:13.200", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Third Party Advisory"], "url": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"}, {"source": "responsibledisclosure@mattermost.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210129-0006/"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-115"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}]}