Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

GoogleOSV:GO-2022-0515

HistoryJul 20, 2022 - 5:01 p.m.

Stack exhaustion due to deeply nested types in go/parser

2022-07-2017:01:45

Google

osv.dev

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.5%

JSON

Calling any of the Parse functions on Go source code which contains deeply nested types or declarations can cause a panic due to stack exhaustion.

CPENameOperatorVersion
stdliblt1.17.12
stdliblt1.18.4
stdlibge1.18.0-0

Name	Operator	Version
stdlib	lt	1.17.12
stdlib	lt	1.18.4
stdlib	ge	1.18.0-0

References

go.dev/cl/417063

go.dev/issue/53616

go.googlesource.com/go/+/695be961d57508da5a82217f7415200a11845879

groups.google.com/g/golang-announce/c/nqrv9fbR0zE

prion 1

veracode 1

cve 1

ubuntucve 1

cvelist 1

ibm 17

osv 16

redhatcve 1

cbl_mariner 2

alpinelinux 1

debiancve 1

openvas 14

nessus 68

redhat 27

oraclelinux 9

altlinux 2

freebsd 1

almalinux 7

mageia 1

rocky 5

suse 2

photon 6

fedora 1

amazon 11

ubuntu 2

prion

Design/Logic Flaw

2022-08-10 20:15:00

veracode

Denial Of Service (DoS)

2022-07-22 15:36:52

cve

CVE-2022-1962

2022-08-10 20:15:00

ubuntucve

CVE-2022-1962

2022-08-10 00:00:00

cvelist

CVE-2022-1962 Stack exhaustion due to deeply nested types in go/parser

2022-08-09 20:18:18

ibm

Security Bulletin: IBM App Connect Enterprise Certified Container operator and IntegrationServer operands may be vulnerable to denial of service due to CVE-2022-1962

2022-11-04 17:28:17

Security Bulletin: Watson CP4D Data Stores is vulnerable to Golang Go to a denial of service (CVE-2022-1962)

2023-07-03 15:54:52

Security Bulletin:IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from openssl, pcre2 and Golang Go

2022-08-31 16:17:06

osv

BIT-golang-2022-1962

2024-03-06 11:02:59

CVE-2022-1962

2022-08-10 20:15:26

Important: go-toolset and golang security and bug fix update

2022-08-01 00:00:00

redhatcve

CVE-2022-1962

2022-07-15 10:32:31

cbl_mariner

CVE-2022-1962 affecting package golang 1.18.3-1

2022-09-17 05:56:44

CVE-2022-1962 affecting package golang for versions less than 1.18.5-1

2022-09-16 06:05:39

alpinelinux

CVE-2022-1962

2022-08-10 20:15:00

debiancve

CVE-2022-1962

2022-08-10 20:15:00

openvas

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2439)

2022-10-10 00:00:00

Mageia: Security Advisory (MGASA-2022-0262)

2022-07-18 00:00:00

openSUSE: Security Advisory for go1.17 (SUSE-SU-2022:2671-1)

2022-08-05 00:00:00

nessus

EulerOS 2.0 SP5 : golang (EulerOS-SA-2022-2439)

2022-10-08 00:00:00

RHEL 8 : Red Hat Application Interconnect 1.0 Release (rpms) (Important) (RHSA-2022:6113)

2024-04-28 00:00:00

AlmaLinux 8 : go-toolset:rhel8 (5775) (ALSA-2022:5775)

2022-08-06 00:00:00

redhat

(RHSA-2022:6113) Important: Red Hat Application Interconnect 1.0 Release (rpms)

2022-08-18 14:51:43

(RHSA-2022:5775) Important: go-toolset:rhel8 security and bug fix update

2022-08-01 08:57:38

(RHSA-2022:5866) Important: go-toolset-1.17 and go-toolset-1.17-golang security and bug fix update

2022-08-02 08:55:32

oraclelinux

go-toolset:ol8 security and bug fix update

2022-08-03 00:00:00

go-toolset and golang security and bug fix update

2022-08-02 00:00:00

ol8addon security update

2022-11-07 00:00:00

altlinux

Security fix for the ALT Linux 10 package golang version 1.18.4-alt1

2022-07-28 00:00:00

Security fix for the ALT Linux 10 package golang version 1.17.12-alt1.p10

2022-07-29 00:00:00

freebsd

go -- multiple vulnerabilities

2022-07-12 00:00:00

almalinux

Important: go-toolset and golang security and bug fix update

2022-08-01 00:00:00

Important: go-toolset:rhel8 security and bug fix update

2022-08-01 00:00:00

Moderate: container-tools:3.0 security update

2022-11-08 00:00:00

mageia

Updated golang packages fix security vulnerability

2022-07-16 22:58:20

rocky

container-tools:3.0 security update

2022-11-08 06:22:08

go-toolset:rhel8 security and bug fix update

2022-08-01 08:57:38

go-toolset and golang security and bug fix update

2022-08-01 15:29:25

suse

Security update for go1.17 (important)

2022-08-04 00:00:00

Security update for go1.18 (important)

2022-08-04 00:00:00

photon

Important Photon OS Security Update - PHSA-2022-0242

2022-09-07 00:00:00

Important Photon OS Security Update - PHSA-2022-4.0-0242

2022-09-07 00:00:00

Critical Photon OS Security Update - PHSA-2022-0512

2022-09-06 00:00:00

fedora

[SECURITY] Fedora 35 Update: fzf-0.29.0-2.fc35

2022-08-17 01:36:21

amazon

Important: golist

2022-09-15 04:46:00

Important: golang-github-godbus-dbus

2022-10-17 21:46:00

Important: go-rpm-macros

2022-10-17 21:46:00

ubuntu

Go vulnerabilities

2024-01-09 00:00:00

Go vulnerabilities

2023-04-25 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.5%

JSON

Related for OSV:GO-2022-0515