CVE-2020-29652
CVE Details
Visit the official vulnerability details page for CVE-2020-29652 to learn more.
Initial Publication
01/20/2025
Last Update
02/01/2026
Third Party Dependency
golang.org/x/crypto
NIST CVE Summary
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.
CVE Severity
Our Official Summary
This vulnerability is a false positive. Although this is reported by the scanning tools on some of the components, further checks indicate the symbol/function with the vulnerability while present is not being used.
Status
Ongoing
Affected Products & Versions
| Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
|---|---|---|---|---|
| 4.8.25 | ⚠️ Impacted | ✅ No Impact | ✅ No Impact | ✅ No Impact |
| 4.5.22 | ⚠️ Impacted | ✅ No Impact | ✅ No Impact | ✅ No Impact |
Revision History
| Date | Revision |
|---|---|
| 10/14/2025 | Status changed from Open to Ongoing |