1056 matches found
CVE-2022-30630
Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators...
CVE-2022-1962
Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations...
CVE-2022-1962
CVE-2022-1962 involves go/parser: Uncontrolled recursion in the Parse functions can cause a panic due to stack exhaustion when processing deeply nested types or declarations. Affected: Go's parser (go/parser) prior to Go 1.17.12 and Go 1.18.4. Impact: potential denial of availability via panics. ...
CVE-2022-30630
Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators...
CVE-2022-30630
CVE-2022-30630 affects Go's standard library io/fs: Glob panics due to stack exhaustion when evaluating paths with many path separators. Root cause is uncontrolled recursion in Glob. Public advisories indicate remediation via updates to Go 1.17.12 or Go 1.18.4 (and related vendor advisories for a...
CVE-2022-30630
Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators...
CVE-2022-30630 Stack exhaustion in Glob on certain paths in io/fs
Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators...
CVE-2022-30631 Stack exhaustion when reading certain archives in compress/gzip
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files...
CVE-2022-30631
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files...
CVE-2022-30631
CVE-2022-30631 affects Go’s standard library compress/gzip, specifically Reader.Read. The issue is an uncontrolled recursion that can cause stack exhaustion and a panic when processing an archive containing a large number of concatenated 0-length compressed files. Affected versions: Go before 1.1...
CVE-2022-30633
The CVE-2022-30633 incident affects Go's encoding/xml package: Unmarshal can panic due to stack exhaustion when unmarshalling XML into a struct with nested fields using the any tag, in Go versions prior to 1.17.12 and 1.18.4. The published advisories (including ALAS2023-2023-046, ALAS2023-2023-04...
CVE-2022-30635
Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures...
CVE-2022-30635 Stack exhaustion when decoding certain messages in encoding/gob
Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures...
CVE-2022-30635
CVE-2022-30635: Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 can cause a panic due to stack exhaustion when processing deeply nested structures. The description notes this as a vulnerability in Go’s gob decoding. Affected component: encoding/gob; root c...
CVE-2022-30632
CVE-2022-30632 affects the Go standard library (path/filepath) where calling Glob on a path that contains a large number of path separators can cause a panic from stack exhaustion, impacting availability. Affected component: Go’s path/filepath Glob implementation (pre-Go 1.17.12 and pre-Go 1.18.4...
CVE-2022-30632 Stack exhaustion on crafted paths in path/filepath
Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators...
Denial Of Service (DoS)
vim is vulnerable to denial of service. The vulnerability exists due to an uncontrolled recursion causing the system to exhaust the memory and crash...
CVE-2022-28131
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document...
CVE-2022-28131 Stack exhaustion from deeply nested XML documents in encoding/xml
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document...
CVE-2022-28131
CVE-2022-28131: Uncontrolled recursion in Decoder.Skip in encoding/xml can panic due to stack exhaustion when parsing deeply nested XML. Affected: Go's encoding/xml package. Root cause: recursion while skipping nested XML elements. Impact: potential denial of service via panic/availability loss. ...