x/vulndb: potential Go vuln in Go Standard Library (package not identified): CVE-2020-7919

[GoVulnBot]

In CVE-2020-7919, the reference URL [Go Standard Library (package not identified)](Go Standard Library (package not identified)) (and possibly others) refers to something in Go.

module: std
package: Go Standard Library (package not identified)
description: |
  Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate.
cves:
- CVE-2020-7919
links:
  context:
  - https://groups.google.com/forum/#!forum/golang-announce
  - https://groups.google.com/g/golang-announce/c/-sdUB4VEQkA
  - https://groups.google.com/g/golang-announce/c/Hsw4mHYc470
  - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S43VLYRURELDWX4D5RFOYBNFGO6CGBBC/
  - https://security.netapp.com/advisory/ntap-20200327-0001/
  - https://www.debian.org/security/2021/dsa-4848
  - https://www.oracle.com/security-alerts/cpuApr2021.html

See doc/triage.md for instructions on how to triage this report.

[gopherbot]

Change https://go.dev/cl/415223 mentions this issue: x/vulndb: add reports/GO-2022-0229.yaml for CVE-2020-7919

[gopherbot]

Change https://go.dev/cl/377579 mentions this issue: reports: add GO-2021-0229.yaml for CVE-2020-7919