[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-14039":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":28,"duplicate_of":9,"upstream":31,"downstream":32,"duplicates":51,"related":52,"reserved_at":9,"published_at":62,"modified_at":63,"state":64,"summary":65,"references_raw":74,"kevs":135,"epss":136,"epss_history":139,"metrics":400,"affected":410},"CVE-2020-14039","In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-295","Improper Certificate Validation","The product does not validate, or incorrectly validates, a certificate.","weakness","Draft","Base",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-459","Creating a Rogue Certification Authority Certificate",[],{"id":24,"name":25,"techniques":26},"CAPEC-475","Signature Spoofing by Improper Validation",[],[],[29,30],"GO-2021-0223","BIT-golang-2020-14039",[],[33,35,37,39,41,43,45,47,49],{"_key":34},"OPENSUSE-SU-2020:1087-1",{"_key":36},"SUSE-SU-2020:2562-1",{"_key":38},"SUSE-SU-2021:0263-1",{"_key":40},"OPENSUSE-SU-2020:1095-1",{"_key":42},"OPENSUSE-SU-2020:1405-1",{"_key":44},"OPENSUSE-SU-2020:1407-1",{"_key":46},"OPENSUSE-SU-2024:10806-1",{"_key":48},"OPENSUSE-SU-2024:10807-1",{"_key":50},"OPENSUSE-SU-2024:11430-1",[],[53,54,55,56,57,58,59,60,61],{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":46},{"_key":48},{"_key":50},"2020-07-17T15:43:33.000Z","2024-08-04T12:32:14.665Z","Modified",{"cisa_kev":66,"cisa_ransomware":66,"cisa_vendor":9,"epss_severity":67,"epss_score":68,"severity":69,"severity_score":70,"severity_version":71,"severity_source":72,"severity_vector":73,"severity_status":64},false,"low",0.00431,"medium",5.3,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",[75,81,89,93,97,101,106,111,115,121,125,130],{"url":76,"sources":77,"tags":79},"https://groups.google.com/forum/#%21forum/golang-announce",[78,72],"cve.org",[80],"X Refsource MISC",{"url":82,"sources":83,"tags":84},"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html",[78,72],[85,86,87,88],"Vendor Advisory","X Refsource SUSE","Mailing List","Third Party Advisory",{"url":90,"sources":91,"tags":92},"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html",[78,72],[85,86,87,88],{"url":94,"sources":95,"tags":96},"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html",[78,72],[85,86,87,88],{"url":98,"sources":99,"tags":100},"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html",[78,72],[85,86,87,88],{"url":102,"sources":103,"tags":104},"https://www.oracle.com/security-alerts/cpuApr2021.html",[78,72],[80,105,88],"Patch",{"url":107,"sources":108,"tags":109},"https://groups.google.com/forum/#%21topic/golang-announce/XZNfaiwgt2w",[78,72],[110],"X Refsource CONFIRM",{"url":112,"sources":113,"tags":114},"https://security.netapp.com/advisory/ntap-20200731-0005/",[78,72],[110,88],{"url":116,"sources":117,"tags":119},"https://go.dev/cl/242597",[118],"osv_go",[120],"FIX",{"url":122,"sources":123,"tags":124},"https://go.googlesource.com/go/+/82175e699a2e2cd83d3aa34949e9b922d66d52f5",[118],[120],{"url":126,"sources":127,"tags":128},"https://go.dev/issue/39360",[118],[129],"REPORT",{"url":131,"sources":132,"tags":133},"https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w",[118],[134],"WEB",[],{"date":137,"score":68,"percentile":138},"2026-06-04",0.62942,[140,144,147,150,153,156,159,162,165,168,171,174,177,180,182,186,189,192,194,196,199,202,205,207,209,212,215,218,221,224,227,230,233,236,239,242,244,247,250,253,256,259,262,265,268,271,274,276,279,282,284,287,290,293,296,299,302,305,308,311,314,317,320,323,326,329,332,335,338,341,344,347,350,353,356,358,361,363,365,368,371,374,377,380,382,385,388,391,394,397],{"date":141,"score":142,"percentile":143},"2025-11-04",0.0041,0.6066,{"date":145,"score":142,"percentile":146},"2025-11-05",0.60646,{"date":148,"score":142,"percentile":149},"2025-11-06",0.60651,{"date":151,"score":142,"percentile":152},"2025-11-07",0.60664,{"date":154,"score":142,"percentile":155},"2025-11-08",0.60667,{"date":157,"score":142,"percentile":158},"2025-11-09",0.60663,{"date":160,"score":142,"percentile":161},"2025-11-10",0.60639,{"date":163,"score":142,"percentile":164},"2025-11-11",0.60653,{"date":166,"score":142,"percentile":167},"2025-11-12",0.60679,{"date":169,"score":142,"percentile":170},"2025-11-13",0.60687,{"date":172,"score":142,"percentile":173},"2025-11-14",0.60696,{"date":175,"score":142,"percentile":176},"2025-11-15",0.60686,{"date":178,"score":142,"percentile":179},"2025-11-16",0.60674,{"date":181,"score":142,"percentile":179},"2025-11-17",{"date":183,"score":184,"percentile":185},"2025-11-18",0.00303,0.50651,{"date":187,"score":184,"percentile":188},"2025-11-19",0.50662,{"date":190,"score":184,"percentile":191},"2025-11-20",0.5065,{"date":193,"score":142,"percentile":176},"2025-11-21",{"date":195,"score":142,"percentile":170},"2025-11-22",{"date":197,"score":142,"percentile":198},"2025-11-23",0.6067,{"date":200,"score":142,"percentile":201},"2025-11-24",0.60668,{"date":203,"score":142,"percentile":204},"2025-11-25",0.60673,{"date":206,"score":142,"percentile":179},"2025-11-26",{"date":208,"score":142,"percentile":167},"2025-11-27",{"date":210,"score":142,"percentile":211},"2025-11-28",0.60656,{"date":213,"score":142,"percentile":214},"2025-11-29",0.60626,{"date":216,"score":142,"percentile":217},"2025-11-30",0.60617,{"date":219,"score":142,"percentile":220},"2025-12-01",0.60764,{"date":222,"score":142,"percentile":223},"2025-12-02",0.60777,{"date":225,"score":142,"percentile":226},"2025-12-03",0.60779,{"date":228,"score":142,"percentile":229},"2025-12-04",0.60614,{"date":231,"score":142,"percentile":232},"2025-12-05",0.60624,{"date":234,"score":142,"percentile":235},"2025-12-06",0.60616,{"date":237,"score":142,"percentile":238},"2025-12-07",0.60609,{"date":240,"score":142,"percentile":241},"2025-12-08",0.6061,{"date":243,"score":142,"percentile":146},"2025-12-09",{"date":245,"score":142,"percentile":246},"2025-12-10",0.60691,{"date":248,"score":142,"percentile":249},"2025-12-11",0.6071,{"date":251,"score":142,"percentile":252},"2025-12-12",0.60726,{"date":254,"score":142,"percentile":255},"2025-12-13",0.60727,{"date":257,"score":142,"percentile":258},"2025-12-14",0.60722,{"date":260,"score":142,"percentile":261},"2025-12-15",0.60697,{"date":263,"score":142,"percentile":264},"2025-12-16",0.6072,{"date":266,"score":142,"percentile":267},"2025-12-17",0.60735,{"date":269,"score":142,"percentile":270},"2025-12-18",0.60778,{"date":272,"score":142,"percentile":273},"2025-12-19",0.60785,{"date":275,"score":142,"percentile":273},"2025-12-20",{"date":277,"score":142,"percentile":278},"2025-12-21",0.60772,{"date":280,"score":142,"percentile":281},"2025-12-22",0.60765,{"date":283,"score":142,"percentile":226},"2025-12-23",{"date":285,"score":142,"percentile":286},"2025-12-24",0.60791,{"date":288,"score":142,"percentile":289},"2025-12-25",0.60823,{"date":291,"score":142,"percentile":292},"2025-12-26",0.60818,{"date":294,"score":142,"percentile":295},"2025-12-27",0.60871,{"date":297,"score":142,"percentile":298},"2025-12-28",0.60794,{"date":300,"score":142,"percentile":301},"2025-12-29",0.60788,{"date":303,"score":142,"percentile":304},"2025-12-30",0.608,{"date":306,"score":142,"percentile":307},"2025-12-31",0.60822,{"date":309,"score":142,"percentile":310},"2026-01-01",0.61003,{"date":312,"score":142,"percentile":313},"2026-01-02",0.6099,{"date":315,"score":142,"percentile":316},"2026-01-03",0.60988,{"date":318,"score":142,"percentile":319},"2026-01-04",0.60796,{"date":321,"score":142,"percentile":322},"2026-01-05",0.60783,{"date":324,"score":142,"percentile":325},"2026-01-06",0.60795,{"date":327,"score":142,"percentile":328},"2026-01-07",0.60819,{"date":330,"score":142,"percentile":331},"2026-01-08",0.60845,{"date":333,"score":142,"percentile":334},"2026-01-09",0.60847,{"date":336,"score":142,"percentile":337},"2026-01-10",0.60842,{"date":339,"score":142,"percentile":340},"2026-01-11",0.60826,{"date":342,"score":142,"percentile":343},"2026-01-12",0.60803,{"date":345,"score":142,"percentile":346},"2026-01-13",0.60766,{"date":348,"score":142,"percentile":349},"2026-01-14",0.60806,{"date":351,"score":142,"percentile":352},"2026-01-15",0.60807,{"date":354,"score":142,"percentile":355},"2026-01-16",0.60829,{"date":357,"score":142,"percentile":289},"2026-01-17",{"date":359,"score":142,"percentile":360},"2026-01-18",0.6082,{"date":362,"score":142,"percentile":352},"2026-01-19",{"date":364,"score":142,"percentile":360},"2026-01-20",{"date":366,"score":142,"percentile":367},"2026-01-21",0.60825,{"date":369,"score":142,"percentile":370},"2026-01-22",0.60828,{"date":372,"score":142,"percentile":373},"2026-01-23",0.60864,{"date":375,"score":142,"percentile":376},"2026-01-24",0.60872,{"date":378,"score":142,"percentile":379},"2026-01-25",0.60837,{"date":381,"score":142,"percentile":370},"2026-01-26",{"date":383,"score":142,"percentile":384},"2026-01-27",0.60834,{"date":386,"score":142,"percentile":387},"2026-01-28",0.60846,{"date":389,"score":142,"percentile":390},"2026-01-29",0.60848,{"date":392,"score":142,"percentile":393},"2026-01-30",0.60851,{"date":395,"score":142,"percentile":396},"2026-01-31",0.60856,{"date":398,"score":142,"percentile":399},"2026-02-01",0.60984,[401],{"source":72,"cvss_v2_0":402,"cvss_v3_0":9,"cvss_v3_1":407,"cvss_v4_0":9},{"baseScore":403,"baseSeverity":9,"vectorString":404,"impactScore":405,"exploitabilityScore":406},5,"AV:N/AC:L/Au:N/C:N/I:P/A:N",2.9,10,{"baseScore":70,"baseSeverity":408,"vectorString":73,"impactScore":409,"exploitabilityScore":406},"MEDIUM",2.3,[411,427,435],{"ecosystem":9,"name":412,"vendor":413,"product":412,"cpe_part":414,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":415},"go","golang","a",[416,422],{"version":417,"is_range":418,"range_type":419,"version_start":9,"version_start_type":9,"version_end":420,"version_end_type":421,"fixed_in":9},"lt1.13.13",true,"cpe","1.13.13","excluding",{"version":423,"is_range":418,"range_type":419,"version_start":424,"version_start_type":425,"version_end":426,"version_end_type":421,"fixed_in":9},"gte1.14.0_lt1.14.5","1.14.0","including","1.14.5",{"ecosystem":428,"name":429,"vendor":428,"product":429,"cpe_part":9,"purl_type":413,"purl_namespace":9,"purl_name":429,"source":9,"versions":430},"Go","stdlib",[431],{"version":432,"is_range":418,"range_type":433,"version_start":434,"version_start_type":425,"version_end":426,"version_end_type":421,"fixed_in":9},"gte1_14_0_0_lt1_14_5","semver","1.14.0-0",{"ecosystem":9,"name":436,"vendor":437,"product":436,"cpe_part":438,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":439},"leap","opensuse","o",[440,442],{"version":441,"is_range":66,"range_type":419,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.1",{"version":443,"is_range":66,"range_type":419,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.2"]