42 matches found
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...
EulerOS 2.0 SP5 : golang (EulerOS-SA-2020-2247)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid...
Amazon Linux AMI : golang (ALAS-2020-1436)
The version of golang installed on the remote host is prior to 1.13.15-1.59. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1436 advisory. The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder...
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...
Amazon Linux 2 : golang (ALAS-2020-1494)
The version of golang installed on the remote host is prior to 1.13.15-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1494 advisory. The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder...
Medium: golang
Issue Overview: The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or...
Oracle Linux 7 : coredns / cri-o / cri-tools / etcd / flannel / kata / kata-agent / kata-image / kata-ksm-throttler / kata-proxy / kata-runtime / kata-shim / kubernetes / kubernetes-cni / kubernetes-cni-plugins / kubernetes-dashboard / olcne / yq (ELSA-2020-5828)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5828 advisory. - Address CVE-2020-16845 - Address CVE-2020-16845 cri-tools - Address CVE-2020-16845 etcd - Address CVE-2020-16845 - Address CVE-2020-16845 - Address...
EulerOS 2.0 SP8 : golang (EulerOS-SA-2020-1852)
According to the version of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid...
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
...
AZL-79098 CVE-2020-16845 affecting package golang 1.25.7-1
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
DEBIAN-CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
Design/Logic Flaw
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
UBUNTU-CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...