[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-15586":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":28,"aliases":29,"duplicate_of":9,"upstream":32,"downstream":33,"duplicates":94,"related":95,"reserved_at":9,"published_at":104,"modified_at":105,"state":106,"summary":107,"references_raw":116,"kevs":204,"epss":205,"epss_history":208,"metrics":463,"affected":474},"CVE-2020-15586","Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-362","Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.","weakness","Draft","Class","Medium",[20,24],{"id":21,"name":22,"techniques":23},"CAPEC-26","Leveraging Race Conditions",[],{"id":25,"name":26,"techniques":27},"CAPEC-29","Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions",[],[],[30,31],"GO-2021-0224","BIT-golang-2020-15586",[],[34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92],{"_key":35},"UBUNTU-CVE-2020-15586",{"_key":37},"OPENSUSE-SU-2020:1087-1",{"_key":39},"SUSE-SU-2020:2562-1",{"_key":41},"OPENSUSE-SU-2020:1095-1",{"_key":43},"OPENSUSE-SU-2020:1405-1",{"_key":45},"OPENSUSE-SU-2020:1407-1",{"_key":47},"OPENSUSE-SU-2024:10806-1",{"_key":49},"OPENSUSE-SU-2024:10807-1",{"_key":51},"DLA-2459-1",{"_key":53},"DLA-2460-1",{"_key":55},"DSA-4848-1",{"_key":57},"RHBA-2020:4197",{"_key":59},"RHBA-2020:4229",{"_key":61},"RHBA-2020:5123",{"_key":63},"RHBA-2020:5356",{"_key":65},"RHSA-2020:5119",{"_key":67},"RHSA-2020:5649",{"_key":69},"RHSA-2021:0713",{"_key":71},"RHSA-2021:1016",{"_key":73},"RHSA-2021:2122",{"_key":75},"RHSA-2021:4103",{"_key":77},"MGASA-2020-0325",{"_key":79},"DEBIAN-CVE-2020-15586",{"_key":81},"RHSA-2021:0172",{"_key":83},"RHSA-2021:0956",{"_key":85},"RHSA-2021:1366",{"_key":87},"RHSA-2020:3665",{"_key":89},"RHSA-2020:4214",{"_key":91},"RHSA-2020:4297",{"_key":93},"RHSA-2020:5606",[],[96,97,98,99,100,101,102,103],{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":77},"2020-07-17T15:38:24.000Z","2024-08-04T13:22:29.273Z","Modified",{"cisa_kev":108,"cisa_ransomware":108,"cisa_vendor":9,"epss_severity":109,"epss_score":110,"severity":111,"severity_score":112,"severity_version":113,"severity_source":114,"severity_vector":115,"severity_status":106},false,"low",0.00614,"medium",5.9,"v3.1","nvd","CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",[117,126,130,135,139,143,147,152,156,161,167,172,176,180,184,190,194,199],{"url":118,"sources":119,"tags":121},"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html",[120,114],"cve.org",[122,123,124,125],"Vendor Advisory","X Refsource SUSE","Mailing List","Third Party Advisory",{"url":127,"sources":128,"tags":129},"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html",[120,114],[122,123,124,125],{"url":131,"sources":132,"tags":133},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCR6LAKCVKL55KJQPPBBWVQGOP7RL2RW/",[120,114],[122,134],"X Refsource FEDORA",{"url":136,"sources":137,"tags":138},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WIRVUHD7TJIT7JJ33FKHIVTHPYABYPHR/",[120,114],[122,134],{"url":140,"sources":141,"tags":142},"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html",[120,114],[122,123,124,125],{"url":144,"sources":145,"tags":146},"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html",[120,114],[122,123,124,125],{"url":148,"sources":149,"tags":150},"https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html",[120,114],[124,151,125],"X Refsource MLIST",{"url":153,"sources":154,"tags":155},"https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html",[120,114],[124,151,125],{"url":157,"sources":158,"tags":159},"https://www.debian.org/security/2021/dsa-4848",[120,114],[122,160,125],"X Refsource DEBIAN",{"url":162,"sources":163,"tags":164},"https://www.oracle.com/security-alerts/cpuApr2021.html",[120,114],[165,166,125],"X Refsource MISC","Patch",{"url":168,"sources":169,"tags":170},"https://groups.google.com/forum/#%21topic/golang-announce/XZNfaiwgt2w",[120,114],[171],"X Refsource CONFIRM",{"url":173,"sources":174,"tags":175},"https://security.netapp.com/advisory/ntap-20200731-0005/",[120,114],[171,125],{"url":177,"sources":178,"tags":179},"https://groups.google.com/forum/#%21topic/golang-announce/f2c5bqrGH_g",[120,114],[165],{"url":181,"sources":182,"tags":183},"https://www.cloudfoundry.org/blog/cve-2020-15586/",[120,114],[171,125],{"url":185,"sources":186,"tags":188},"https://go.dev/cl/242598",[187],"osv_go",[189],"FIX",{"url":191,"sources":192,"tags":193},"https://go.googlesource.com/go/+/fa98f46741f818913a8c11b877520a548715131f",[187],[189],{"url":195,"sources":196,"tags":197},"https://go.dev/issue/34902",[187],[198],"REPORT",{"url":200,"sources":201,"tags":202},"https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w",[187],[203],"WEB",[],{"date":206,"score":110,"percentile":207},"2026-06-04",0.70269,[209,212,215,218,221,223,226,229,231,234,237,240,243,246,248,252,255,258,261,264,266,269,272,275,278,280,283,286,289,292,295,297,299,301,303,305,308,311,314,317,319,322,324,327,330,333,336,339,342,345,348,351,354,356,359,362,365,367,370,373,376,378,381,384,387,390,393,396,398,401,404,407,410,413,416,419,422,425,427,430,433,436,439,442,445,448,451,454,457,460],{"date":210,"score":110,"percentile":211},"2025-11-04",0.69035,{"date":213,"score":110,"percentile":214},"2025-11-05",0.69021,{"date":216,"score":110,"percentile":217},"2025-11-06",0.6902,{"date":219,"score":110,"percentile":220},"2025-11-07",0.69032,{"date":222,"score":110,"percentile":220},"2025-11-08",{"date":224,"score":110,"percentile":225},"2025-11-09",0.69022,{"date":227,"score":110,"percentile":228},"2025-11-10",0.69012,{"date":230,"score":110,"percentile":214},"2025-11-11",{"date":232,"score":110,"percentile":233},"2025-11-12",0.69044,{"date":235,"score":110,"percentile":236},"2025-11-13",0.69052,{"date":238,"score":110,"percentile":239},"2025-11-14",0.6906,{"date":241,"score":110,"percentile":242},"2025-11-15",0.69057,{"date":244,"score":110,"percentile":245},"2025-11-16",0.69053,{"date":247,"score":110,"percentile":236},"2025-11-17",{"date":249,"score":250,"percentile":251},"2025-11-18",0.02927,0.8516,{"date":253,"score":250,"percentile":254},"2025-11-19",0.85162,{"date":256,"score":250,"percentile":257},"2025-11-20",0.85164,{"date":259,"score":110,"percentile":260},"2025-11-21",0.69074,{"date":262,"score":110,"percentile":263},"2025-11-22",0.6907,{"date":265,"score":110,"percentile":239},"2025-11-23",{"date":267,"score":110,"percentile":268},"2025-11-24",0.69048,{"date":270,"score":110,"percentile":271},"2025-11-25",0.69054,{"date":273,"score":110,"percentile":274},"2025-11-26",0.69061,{"date":276,"score":110,"percentile":277},"2025-11-27",0.69064,{"date":279,"score":110,"percentile":236},"2025-11-28",{"date":281,"score":110,"percentile":282},"2025-11-29",0.69041,{"date":284,"score":110,"percentile":285},"2025-11-30",0.69036,{"date":287,"score":110,"percentile":288},"2025-12-01",0.69185,{"date":290,"score":110,"percentile":291},"2025-12-02",0.69193,{"date":293,"score":110,"percentile":294},"2025-12-03",0.69189,{"date":296,"score":110,"percentile":220},"2025-12-04",{"date":298,"score":110,"percentile":268},"2025-12-05",{"date":300,"score":110,"percentile":245},"2025-12-06",{"date":302,"score":110,"percentile":268},"2025-12-07",{"date":304,"score":110,"percentile":236},"2025-12-08",{"date":306,"score":110,"percentile":307},"2025-12-09",0.6908,{"date":309,"score":110,"percentile":310},"2025-12-10",0.69122,{"date":312,"score":110,"percentile":313},"2025-12-11",0.69143,{"date":315,"score":110,"percentile":316},"2025-12-12",0.69171,{"date":318,"score":110,"percentile":316},"2025-12-13",{"date":320,"score":110,"percentile":321},"2025-12-14",0.69175,{"date":323,"score":110,"percentile":316},"2025-12-15",{"date":325,"score":110,"percentile":326},"2025-12-16",0.6918,{"date":328,"score":110,"percentile":329},"2025-12-17",0.69192,{"date":331,"score":110,"percentile":332},"2025-12-18",0.69221,{"date":334,"score":110,"percentile":335},"2025-12-19",0.69238,{"date":337,"score":110,"percentile":338},"2025-12-20",0.69237,{"date":340,"score":110,"percentile":341},"2025-12-21",0.69222,{"date":343,"score":110,"percentile":344},"2025-12-22",0.69224,{"date":346,"score":110,"percentile":347},"2025-12-23",0.69223,{"date":349,"score":110,"percentile":350},"2025-12-24",0.69229,{"date":352,"score":110,"percentile":353},"2025-12-25",0.69256,{"date":355,"score":110,"percentile":353},"2025-12-26",{"date":357,"score":110,"percentile":358},"2025-12-27",0.69302,{"date":360,"score":110,"percentile":361},"2025-12-28",0.6923,{"date":363,"score":110,"percentile":364},"2025-12-29",0.69225,{"date":366,"score":110,"percentile":335},"2025-12-30",{"date":368,"score":110,"percentile":369},"2025-12-31",0.69255,{"date":371,"score":110,"percentile":372},"2026-01-01",0.69424,{"date":374,"score":110,"percentile":375},"2026-01-02",0.69415,{"date":377,"score":110,"percentile":375},"2026-01-03",{"date":379,"score":110,"percentile":380},"2026-01-04",0.69259,{"date":382,"score":110,"percentile":383},"2026-01-05",0.69246,{"date":385,"score":110,"percentile":386},"2026-01-06",0.69257,{"date":388,"score":110,"percentile":389},"2026-01-07",0.69271,{"date":391,"score":110,"percentile":392},"2026-01-08",0.69287,{"date":394,"score":110,"percentile":395},"2026-01-09",0.69294,{"date":397,"score":110,"percentile":395},"2026-01-10",{"date":399,"score":110,"percentile":400},"2026-01-11",0.69284,{"date":402,"score":110,"percentile":403},"2026-01-12",0.69278,{"date":405,"score":110,"percentile":406},"2026-01-13",0.69276,{"date":408,"score":110,"percentile":409},"2026-01-14",0.69306,{"date":411,"score":110,"percentile":412},"2026-01-15",0.6931,{"date":414,"score":110,"percentile":415},"2026-01-16",0.69326,{"date":417,"score":110,"percentile":418},"2026-01-17",0.69318,{"date":420,"score":110,"percentile":421},"2026-01-18",0.69304,{"date":423,"score":110,"percentile":424},"2026-01-19",0.69296,{"date":426,"score":110,"percentile":421},"2026-01-20",{"date":428,"score":110,"percentile":429},"2026-01-21",0.69313,{"date":431,"score":110,"percentile":432},"2026-01-22",0.69323,{"date":434,"score":110,"percentile":435},"2026-01-23",0.69351,{"date":437,"score":110,"percentile":438},"2026-01-24",0.69359,{"date":440,"score":110,"percentile":441},"2026-01-25",0.69329,{"date":443,"score":110,"percentile":444},"2026-01-26",0.69325,{"date":446,"score":110,"percentile":447},"2026-01-27",0.6933,{"date":449,"score":110,"percentile":450},"2026-01-28",0.69342,{"date":452,"score":110,"percentile":453},"2026-01-29",0.6934,{"date":455,"score":110,"percentile":456},"2026-01-30",0.69347,{"date":458,"score":110,"percentile":459},"2026-01-31",0.69353,{"date":461,"score":110,"percentile":462},"2026-02-01",0.69493,[464],{"source":114,"cvss_v2_0":465,"cvss_v3_0":9,"cvss_v3_1":470,"cvss_v4_0":9},{"baseScore":466,"baseSeverity":9,"vectorString":467,"impactScore":468,"exploitabilityScore":469},4.3,"AV:N/AC:M/Au:N/C:N/I:N/A:P",2.9,8.6,{"baseScore":112,"baseSeverity":471,"vectorString":115,"impactScore":472,"exploitabilityScore":473},"MEDIUM",6,5.6,[475,486,492,502,510,522,530],{"ecosystem":9,"name":476,"vendor":477,"product":476,"cpe_part":478,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":479},"cf-deployment","cloudfoundry","a",[480],{"version":481,"is_range":482,"range_type":483,"version_start":9,"version_start_type":9,"version_end":484,"version_end_type":485,"fixed_in":9},"lt13.7.0",true,"cpe","13.7.0","excluding",{"ecosystem":9,"name":487,"vendor":477,"product":487,"cpe_part":478,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":488},"routing-release",[489],{"version":490,"is_range":482,"range_type":483,"version_start":9,"version_start_type":9,"version_end":491,"version_end_type":485,"fixed_in":9},"lt0.203.0","0.203.0",{"ecosystem":9,"name":493,"vendor":494,"product":495,"cpe_part":496,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":497},"debian linux","debian","debian_linux","o",[498,500],{"version":499,"is_range":108,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"version":501,"is_range":108,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"ecosystem":9,"name":503,"vendor":504,"product":503,"cpe_part":496,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":505},"fedora","fedoraproject",[506,508],{"version":507,"is_range":108,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31",{"version":509,"is_range":108,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"32",{"ecosystem":9,"name":511,"vendor":512,"product":511,"cpe_part":478,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":513},"go","golang",[514,517],{"version":515,"is_range":482,"range_type":483,"version_start":9,"version_start_type":9,"version_end":516,"version_end_type":485,"fixed_in":9},"lt1.13.13","1.13.13",{"version":518,"is_range":482,"range_type":483,"version_start":519,"version_start_type":520,"version_end":521,"version_end_type":485,"fixed_in":9},"gte1.14.0_lt1.14.5","1.14.0","including","1.14.5",{"ecosystem":523,"name":524,"vendor":523,"product":524,"cpe_part":9,"purl_type":512,"purl_namespace":9,"purl_name":524,"source":9,"versions":525},"Go","stdlib",[526],{"version":527,"is_range":482,"range_type":528,"version_start":529,"version_start_type":520,"version_end":521,"version_end_type":485,"fixed_in":9},"gte1_14_0_0_lt1_14_5","semver","1.14.0-0",{"ecosystem":9,"name":531,"vendor":532,"product":531,"cpe_part":496,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":533},"leap","opensuse",[534,536],{"version":535,"is_range":108,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.1",{"version":537,"is_range":108,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.2"]