168 matches found
RHCOS 4 / 9 : OpenShift Container Platform 4.17.2 (RHSA-2024:8232)
The remote Red Hat Enterprise Linux CoreOS 4 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8232 advisory. - github.com/jaraco/zipp: Denial of Service infinite loop via crafted zip file in jaraco/zipp CVE-2024-5569 - go/parser: golang:...
MiracleLinux 9 : osbuild-composer-101-2.el9_4.ML.1 (AXSA:2024-8870:04)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8870:04 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...
MiracleLinux 9 : grafana-pcp-5.1.1-3.el9_4 (AXSA:2024-8847:06)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8847:06 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...
MiracleLinux 8 : osbuild-composer-101-2.el8_10.ML.1 (AXSA:2024-8868:03)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8868:03 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 encoding/gob: golang: Calling Decoder.Decode on a...
MiracleLinux 9 : osbuild-composer-118-2.el9.ML.1 (AXSA:2024-9376:05)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9376:05 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...
MiracleLinux 9 : podman-4.9.4-13.el9_4 (AXSA:2024-8900:09)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8900:09 advisory. go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion CVE-2024-34155...
Stack exhaustion in Decoder.Decode in encoding/gob
...
RLSA-2025:3773 Important: delve and golang security update
The Go Programming Language. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
delve and golang security update
An update is available for delve. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Go Programming Language. Security Fixes: encoding/gob: golang: Calling...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
ALSA-2025:3773 Important: delve and golang security update
The Go Programming Language. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
Important: delve and golang security update
The Go Programming Language. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
RLSA-2024:9473 Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 dompurify:...
RLSA-2024:11217 Important: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
ALSA-2024:11216 Moderate: containernetworking-plugins security update
The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...