3 matches found
CVE-2020-29243
dhowden tag before 2020-11-19 allows "panic: runtime error: index out of range" via readAPICFrame...
CVE-2020-29243
dhowden tag before 2020-11-19 allows "panic: runtime error: index out of range" via readAPICFrame...
CVE-2020-29243
CVE-2020-29243 affects the Go package github.com/dhowden/tag. The issue is an out-of-bounds read panic triggered in readAPICFrame (and related code paths) that can cause a denial of service. Several connected advisories (GHSA entries and OSV notes) describe improper bounds checking across methods...