3 matches found
AZL-40471 CVE-2024-24788 affecting package golang for versions less than 1.22.3
A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop...
AZL-34751 CVE-2023-24538 affecting package golang for versions less than 1.19.8-1
Templates do not properly consider backticks as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to...
CVE-2022-30630
Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators...