Collaboration | Teamwork | Project Management

Vulnerability

mattermost

Coordinated disclosure of XML round-trip vulnerabilities in Go's standard library

This blog post is a part of Mattermost’s public disclosure of three serious vulnerabilities in Go’s encoding/xml related to tokenization round-trips. The public disclosure comes as a result of several months of work, including collaborating with the Go security team since August 2020 and with affected downstream project maintainers since earlier this month.