Lucene search
GoogleOSV:GO-2023-1589HistoryJul 11, 2023 - 6:44 p.m.
Denial of service from memory exhaustion in github.com/notaryproject/notation-go
2023-07-1118:44:01
Google
osv.dev
9
denial of service
memory exhaustion
github
notary project
pkix
distinguished names
excessive memory consumption
software
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
38.0%
Parsing PKIX distinguished names containing the string “=#” can cause excessive memory consumption.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/notaryproject/notation-go | lt | 1.0.0-rc.3 |
Related
osv
osv
notation-go has excessive memory allocation on verification
2023-02-22 00:03:49
github
github
notation-go has excessive memory allocation on verification
2023-02-22 00:03:49
veracode
veracode
Denial Of Service (DoS)
2023-02-26 10:40:10
wolfi
wolfi
CVE-2023-25656 vulnerabilities
2024-07-02 03:09:22
cgr
cgr
CVE-2023-25656 vulnerabilities
2024-05-19 03:07:16
cvelist
cvelist
CVE-2023-25656 notation-go has excessive memory allocation on verification
2023-02-20 00:00:00
nvd
nvd
CVE-2023-25656
2023-02-20 16:15:10
cve
cve
CVE-2023-25656
2023-02-20 16:15:10
prion
prion
Design/Logic Flaw
2023-02-20 16:15:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
38.0%
Related for OSV:GO-2023-1589