Lucene search
GoogleOSV:SUSE-SU-2024:3196-1HistorySep 10, 2024 - 2:10 p.m.
Security update for go1.22
2024-09-1014:10:34
Google
osv.dev
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.1
Confidence
Low
This update for go1.22 fixes the following issues:
- Update to go v1.22.7
- CVE-2024-34155: Fixed stack exhaustion in all Parse* functions. (bsc#1230252)
- CVE-2024-34156: Fixed stack exhaustion in Decoder.Decode. (bsc#1230253)
- CVE-2024-34158: Fixed stack exhaustion in Parse. (bsc#1230254)
Related
nessus
nessus
SUSE SLES12 Security Update : go1.22 (SUSE-SU-2024:3196-1)
2024-09-11 00:00:00
Golang < 1.22.7, 1.23.x < 1.23.1 Multiple Vulnerabilities
2024-09-11 00:00:00
osv
osv
go1.23-1.23.1-1.1 on GA media
2024-09-08 00:00:00
Security update for go1.23
2024-09-12 09:34:04
go1.22-1.22.7-1.1 on GA media
2024-09-06 00:00:00
debiancve
debiancve
CVE-2024-34158
2024-09-06 21:15:12
wolfi
wolfi
CVE-2024-34156 vulnerabilities
2024-09-19 21:18:36
alpinelinux
alpinelinux
CVE-2024-34155
2024-09-06 21:15:11
vulnrichment
vulnrichment
CVE-2024-34155 Stack exhaustion in all Parse functions in go/parser
2024-09-06 20:42:42
nvd
nvd
CVE-2024-34155
2024-09-06 21:15:11
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.1
Confidence
Low
Related for OSV:SUSE-SU-2024:3196-1