{"id":"USN-5725-2","summary":"golang-1.13 vulnerability","details":"USN-5725-1 fixed a vulnerability in Go. This update provides\nthe corresponding update for Ubuntu 16.04 LTS.\n\nOriginal advisory details:\n\n Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston\n Van Loon discovered that Go incorrectly handled certain inputs.\n An attacker could possibly use this issue to cause Go applications\n to hang or crash, resulting in a denial of service.\n","modified":"2026-02-10T04:42:50Z","published":"2023-05-23T13:10:08Z","related":["UBUNTU-CVE-2020-16845"],"upstream":["CVE-2020-16845","UBUNTU-CVE-2020-16845"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5725-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-16845"}],"affected":[{"package":{"name":"golang-1.13","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/golang-1.13@1.13.8-1ubuntu1~16.04.3+esm2?arch=source&distro=esm-apps/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.13.8-1ubuntu1~16.04.3+esm2"}]}],"versions":["1.13.8-1ubuntu1~16.04.2","1.13.8-1ubuntu1~16.04.3"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_version":"1.13.8-1ubuntu1~16.04.3+esm2","binary_name":"golang-1.13"},{"binary_version":"1.13.8-1ubuntu1~16.04.3+esm2","binary_name":"golang-1.13-go"},{"binary_version":"1.13.8-1ubuntu1~16.04.3+esm2","binary_name":"golang-1.13-src"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5725-2.json","cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}],"id":"CVE-2020-16845"}],"ecosystem":"Ubuntu:Pro:16.04:LTS"}}}],"schema_version":"1.7.3"}