Lucene search

K
gitlabHttps://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-DF5BB7F4E5A53473B793933B32E5695B
HistoryDec 26, 2022 - 12:00 a.m.

Out-of-bounds Read

2022-12-2600:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
9

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.

CPENameOperatorVersion
go/golang.org/x/text/languagelt0.3.7

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Related for GITLAB-DF5BB7F4E5A53473B793933B32E5695B