9 matches found
Denial Of Service (DoS)
The compose-go library is vulnerable to a Denial of Service DoS. The vulnerability is due to excessive memory and CPU consumption when parsing malicious YAML payloads, which can be sent by an authorized user...
CVE-2024-10846
The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malicious YAML payloads to cause the compose-go to consume excessive amount of Memory and CPU cycles while parsing YAML, such as used by Docker Compose from versions v2.27.0 to v2.29.7 included...
CVE-2024-10846
The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malicious YAML payloads to cause the compose-go to consume excessive amount of Memory and CPU cycles while parsing YAML, such as used by Docker Compose from versions v2.27.0 to v2.29.7 included...
CVE-2024-10846 Excessive Platform Resource Consumption within a Loop when unmarshalling Compose file having recursive loop
The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malicious YAML payloads to cause the compose-go to consume excessive amount of Memory and CPU cycles while parsing YAML, such as used by Docker Compose from versions v2.27.0 to v2.29.7 included...
CVE-2024-10846 Excessive Platform Resource Consumption within a Loop when unmarshalling Compose file having recursive loop
The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malicious YAML payloads to cause the compose-go to consume excessive amount of Memory and CPU cycles while parsing YAML, such as used by Docker Compose from versions v2.27.0 to v2.29.7 included...
CVE-2024-10846
Summary: CVE-2024-10846 affects the compose-go library. The vulnerability occurs in versions v2.10–v2.4.0 of the compose-go component when an authorized user sends malicious YAML payloads, causing the library to consume excessive memory and CPU cycles during YAML parsing (as used by Docker Compos...
GHSA-36GQ-35J3-P9R9 Excessive Platform Resource Consumption within a Loop when unmarshalling Compose file having recursive loop
Impact The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malicious YAML payloads to cause the compose-go to consume excessive amount of Memory and CPU cycles while parsing YAML, such as used by Docker Compose from versions v2.27.0 to v2.29.7 included...
Excessive Platform Resource Consumption within a Loop when unmarshalling Compose file having recursive loop
Impact The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malicious YAML payloads to cause the compose-go to consume excessive amount of Memory and CPU cycles while parsing YAML, such as used by Docker Compose from versions v2.27.0 to v2.29.7 included...
PT-2025-1609 · Docker +1 · Docker Compose +1
Name of the Vulnerable Software and Affected Versions: compose-go versions v2.10 through v2.4.0 Docker Compose versions v2.27.0 through v2.29.7 Description: The issue allows an authorized user who sends malicious YAML payloads to cause excessive memory and CPU cycle consumption while parsing YAML...