Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2020-7919
CVE-2020-7919:
Helm vulnerability analysis and mitigation
Overview
Go programming language versions before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68) contain a vulnerability that allows attacks on clients via malformed X.509 certificates (CVE Mitre, NVD).
Technical details
The vulnerability exists in the handling of X.509 certificates in the Go programming language's crypto/cryptobyte package. When a malformed X.509 certificate is processed, it can trigger a panic in client applications (Debian Security).
Impact
When successfully exploited, this vulnerability results in a Denial of Service (DoS) condition through client application panic. The vulnerability has been assigned a CVSS v3.1 score of 7.5 (HIGH) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (NetApp Advisory).
Mitigation and workarounds
Users should upgrade to Go version 1.12.16 or 1.13.7 or later versions. For the crypto/cryptobyte package, users should upgrade to version 0.0.0-20200124225646-8b5121be2f68 or later (Fedora Update).
Additional resources
Source: This report was generated using AI
Related Helm vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management