[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-9283":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":50,"duplicate_of":9,"upstream":53,"downstream":54,"duplicates":73,"related":74,"reserved_at":9,"published_at":79,"modified_at":80,"state":81,"summary":82,"references_raw":90,"kevs":159,"epss":160,"epss_history":163,"metrics":403,"affected":415},"CVE-2020-9283","golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-347","Improper Verification of Cryptographic Signature","The product does not verify, or incorrectly verifies, the cryptographic signature for data.","weakness","Draft","Base",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-463","Padding Oracle Crypto Attack",[],{"id":24,"name":25,"techniques":26},"CAPEC-475","Signature Spoofing by Improper Validation",[],[28,37],{"_key":29,"name":30,"source":31,"url":32,"maturity":33,"reliability_score":34,"verified":35,"type":9,"platforms":36,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_8DF036245C31DB1B","Exploit Reference (packetstormsecurity.com)","reference","http://packetstormsecurity.com/files/156480/Go-SSH-0.0.2-Denial-Of-Service.html","unknown",0.2,false,[],{"_key":38,"name":39,"source":40,"url":41,"maturity":42,"reliability_score":43,"verified":35,"type":44,"platforms":45,"requires_auth":9,"exploitdb":47,"metasploit":9},"48121","Go SSH servers 0.0.2 - Denial of Service (PoC)","exploit-database","https://www.exploit-db.com/exploits/48121","poc",0.5,"dos",[46],"linux",{"verified":35,"type":44,"platform":46,"file":48,"codes":49},"exploits/linux/dos/48121.py",[7],[51,52],"GHSA-ffhg-7mh4-33c4","GO-2020-0012",[],[55,57,59,61,63,65,67,69,71],{"_key":56},"UBUNTU-CVE-2020-9283",{"_key":58},"DLA-2402-1",{"_key":60},"DLA-2453-1",{"_key":62},"DLA-2455-1",{"_key":64},"DLA-3455-1",{"_key":66},"DEBIAN-CVE-2020-9283",{"_key":68},"RHBA-2020:3179",{"_key":70},"RHSA-2020:2413",{"_key":72},"RHSA-2020:3369",[],[75,77],{"_key":76},"CGA-QVJ2-WPRQ-PWFH",{"_key":78},"CGA-69XX-589X-989V","2020-02-20T00:00:00.000Z","2024-08-04T10:26:15.873Z","Modified",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":83,"epss_score":84,"severity":85,"severity_score":86,"severity_version":87,"severity_source":88,"severity_vector":89,"severity_status":81},"medium",0.18682,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[91,96,104,109,113,117,121,126,130,135,140,144,148,152,156],{"url":92,"sources":93,"tags":95},"https://groups.google.com/forum/#%21topic/golang-announce/3L45YRc91SY",[94,88],"cve.org",[],{"url":32,"sources":97,"tags":99},[94,88,98],"osv_go",[100,101,102,103],"Exploit","Third Party Advisory","VDB Entry","WEB",{"url":105,"sources":106,"tags":107},"https://lists.debian.org/debian-lts-announce/2020/10/msg00014.html",[94,88,98],[108,101,103],"Mailing List",{"url":110,"sources":111,"tags":112},"https://lists.debian.org/debian-lts-announce/2020/11/msg00027.html",[94,88,98],[108,101,103],{"url":114,"sources":115,"tags":116},"https://lists.debian.org/debian-lts-announce/2020/11/msg00031.html",[94,88,98],[108,101,103],{"url":118,"sources":119,"tags":120},"https://lists.debian.org/debian-lts-announce/2023/06/msg00017.html",[94,88],[108],{"url":122,"sources":123,"tags":124},"https://nvd.nist.gov/vuln/detail/CVE-2020-9283",[98],[125],"Advisory",{"url":127,"sources":128,"tags":129},"https://github.com/golang/crypto/commit/bac4c82f69751a6dd76e702d54b3ceb88adab236",[98],[103],{"url":131,"sources":132,"tags":133},"https://github.com/golang/crypto",[98],[134],"PACKAGE",{"url":136,"sources":137,"tags":138},"https://go.dev/cl/220357",[98],[103,139],"FIX",{"url":141,"sources":142,"tags":143},"https://go.googlesource.com/crypto/+/bac4c82f69751a6dd76e702d54b3ceb88adab236",[98],[103,139],{"url":145,"sources":146,"tags":147},"https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY",[98],[103],{"url":149,"sources":150,"tags":151},"https://groups.google.com/g/golang-announce/c/3L45YRc91SY",[98],[103],{"url":153,"sources":154,"tags":155},"https://pkg.go.dev/vuln/GO-2020-0012",[98],[103],{"url":41,"sources":157,"tags":158},[98],[103],[],{"date":161,"score":84,"percentile":162},"2026-06-04",0.95399,[164,168,170,172,175,178,180,182,184,187,190,192,194,196,199,203,206,209,212,215,218,220,223,226,229,231,234,236,239,242,244,246,249,251,254,257,260,263,266,269,272,275,278,281,284,287,290,292,294,297,299,302,305,308,311,314,316,319,321,324,327,330,333,335,337,339,341,344,346,348,350,352,355,357,359,361,363,366,369,372,375,378,381,384,386,389,391,394,397,400],{"date":165,"score":166,"percentile":167},"2025-11-04",0.199,0.95213,{"date":169,"score":166,"percentile":167},"2025-11-05",{"date":171,"score":166,"percentile":167},"2025-11-06",{"date":173,"score":166,"percentile":174},"2025-11-07",0.95214,{"date":176,"score":166,"percentile":177},"2025-11-08",0.95212,{"date":179,"score":166,"percentile":177},"2025-11-09",{"date":181,"score":166,"percentile":167},"2025-11-10",{"date":183,"score":166,"percentile":174},"2025-11-11",{"date":185,"score":166,"percentile":186},"2025-11-12",0.95217,{"date":188,"score":166,"percentile":189},"2025-11-13",0.95216,{"date":191,"score":166,"percentile":186},"2025-11-14",{"date":193,"score":166,"percentile":174},"2025-11-15",{"date":195,"score":166,"percentile":189},"2025-11-16",{"date":197,"score":166,"percentile":198},"2025-11-17",0.95219,{"date":200,"score":201,"percentile":202},"2025-11-18",0.21371,0.9531,{"date":204,"score":201,"percentile":205},"2025-11-19",0.95311,{"date":207,"score":201,"percentile":208},"2025-11-20",0.95314,{"date":210,"score":166,"percentile":211},"2025-11-21",0.95226,{"date":213,"score":166,"percentile":214},"2025-11-22",0.95225,{"date":216,"score":166,"percentile":217},"2025-11-23",0.95223,{"date":219,"score":166,"percentile":214},"2025-11-24",{"date":221,"score":166,"percentile":222},"2025-11-25",0.95228,{"date":224,"score":166,"percentile":225},"2025-11-26",0.9523,{"date":227,"score":166,"percentile":228},"2025-11-27",0.95232,{"date":230,"score":166,"percentile":225},"2025-11-28",{"date":232,"score":166,"percentile":233},"2025-11-29",0.95234,{"date":235,"score":166,"percentile":225},"2025-11-30",{"date":237,"score":166,"percentile":238},"2025-12-01",0.95268,{"date":240,"score":166,"percentile":241},"2025-12-02",0.95267,{"date":243,"score":166,"percentile":238},"2025-12-03",{"date":245,"score":166,"percentile":225},"2025-12-04",{"date":247,"score":84,"percentile":248},"2025-12-05",0.95023,{"date":250,"score":84,"percentile":248},"2025-12-06",{"date":252,"score":84,"percentile":253},"2025-12-07",0.95028,{"date":255,"score":84,"percentile":256},"2025-12-08",0.95027,{"date":258,"score":84,"percentile":259},"2025-12-09",0.9503,{"date":261,"score":84,"percentile":262},"2025-12-10",0.95037,{"date":264,"score":84,"percentile":265},"2025-12-11",0.9504,{"date":267,"score":84,"percentile":268},"2025-12-12",0.95042,{"date":270,"score":84,"percentile":271},"2025-12-13",0.95041,{"date":273,"score":84,"percentile":274},"2025-12-14",0.95039,{"date":276,"score":84,"percentile":277},"2025-12-15",0.95043,{"date":279,"score":84,"percentile":280},"2025-12-16",0.95045,{"date":282,"score":84,"percentile":283},"2025-12-17",0.95048,{"date":285,"score":84,"percentile":286},"2025-12-18",0.95052,{"date":288,"score":84,"percentile":289},"2025-12-19",0.95053,{"date":291,"score":84,"percentile":289},"2025-12-20",{"date":293,"score":84,"percentile":289},"2025-12-21",{"date":295,"score":84,"percentile":296},"2025-12-22",0.95051,{"date":298,"score":84,"percentile":296},"2025-12-23",{"date":300,"score":84,"percentile":301},"2025-12-24",0.95056,{"date":303,"score":84,"percentile":304},"2025-12-25",0.9506,{"date":306,"score":84,"percentile":307},"2025-12-26",0.95061,{"date":309,"score":84,"percentile":310},"2025-12-27",0.95083,{"date":312,"score":84,"percentile":313},"2025-12-28",0.95055,{"date":315,"score":84,"percentile":301},"2025-12-29",{"date":317,"score":84,"percentile":318},"2025-12-30",0.95058,{"date":320,"score":84,"percentile":307},"2025-12-31",{"date":322,"score":84,"percentile":323},"2026-01-01",0.95106,{"date":325,"score":84,"percentile":326},"2026-01-02",0.95101,{"date":328,"score":84,"percentile":329},"2026-01-03",0.95096,{"date":331,"score":84,"percentile":332},"2026-01-04",0.95049,{"date":334,"score":84,"percentile":283},"2026-01-05",{"date":336,"score":84,"percentile":283},"2026-01-06",{"date":338,"score":84,"percentile":283},"2026-01-07",{"date":340,"score":84,"percentile":286},"2026-01-08",{"date":342,"score":84,"percentile":343},"2026-01-09",0.95054,{"date":345,"score":84,"percentile":313},"2026-01-10",{"date":347,"score":84,"percentile":313},"2026-01-11",{"date":349,"score":84,"percentile":343},"2026-01-12",{"date":351,"score":84,"percentile":286},"2026-01-13",{"date":353,"score":84,"percentile":354},"2026-01-14",0.95057,{"date":356,"score":84,"percentile":318},"2026-01-15",{"date":358,"score":84,"percentile":304},"2026-01-16",{"date":360,"score":84,"percentile":307},"2026-01-17",{"date":362,"score":84,"percentile":307},"2026-01-18",{"date":364,"score":84,"percentile":365},"2026-01-19",0.95059,{"date":367,"score":84,"percentile":368},"2026-01-20",0.95063,{"date":370,"score":84,"percentile":371},"2026-01-21",0.95065,{"date":373,"score":84,"percentile":374},"2026-01-22",0.95068,{"date":376,"score":84,"percentile":377},"2026-01-23",0.95073,{"date":379,"score":84,"percentile":380},"2026-01-24",0.95078,{"date":382,"score":84,"percentile":383},"2026-01-25",0.95082,{"date":385,"score":84,"percentile":310},"2026-01-26",{"date":387,"score":84,"percentile":388},"2026-01-27",0.95081,{"date":390,"score":84,"percentile":310},"2026-01-28",{"date":392,"score":84,"percentile":393},"2026-01-29",0.95086,{"date":395,"score":84,"percentile":396},"2026-01-30",0.95085,{"date":398,"score":84,"percentile":399},"2026-01-31",0.95087,{"date":401,"score":84,"percentile":402},"2026-02-01",0.95123,[404,413],{"source":88,"cvss_v2_0":405,"cvss_v3_0":9,"cvss_v3_1":410,"cvss_v4_0":9},{"baseScore":406,"baseSeverity":9,"vectorString":407,"impactScore":408,"exploitabilityScore":409},5,"AV:N/AC:L/Au:N/C:N/I:N/A:P",2.9,10,{"baseScore":86,"baseSeverity":411,"vectorString":89,"impactScore":412,"exploitabilityScore":409},"HIGH",6,{"source":98,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":414,"cvss_v4_0":9},{"baseScore":86,"baseSeverity":9,"vectorString":89,"impactScore":412,"exploitabilityScore":409},[416,425,438],{"ecosystem":9,"name":417,"vendor":418,"product":419,"cpe_part":420,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":421},"debian linux","debian","debian_linux","o",[422],{"version":423,"is_range":35,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0","cpe",{"ecosystem":426,"name":427,"vendor":428,"product":429,"cpe_part":9,"purl_type":430,"purl_namespace":428,"purl_name":429,"source":9,"versions":431},"Go","golang.org/x/crypto","golang.org/x","crypto","golang",[432],{"version":433,"is_range":434,"range_type":435,"version_start":9,"version_start_type":9,"version_end":436,"version_end_type":437,"fixed_in":9},"lt0_0_0_20200220183623_bac4c82f6975",true,"semver","0.0.0-20200220183623-bac4c82f6975","excluding",{"ecosystem":9,"name":439,"vendor":430,"product":440,"cpe_part":441,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":442},"package ssh","package_ssh","a",[443],{"version":436,"is_range":35,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]