PT-2022-24814 · Go-Cvss · Go-Cvss

Name of the Vulnerable Software and Affected Versions: go-cvss versions prior to v0.4.0 Description: The issue arises when a full CVSS v2.0 vector string is parsed using the ParseVector function, potentially leading to an Out-of-Bounds Read due to a lack of tests, causing the Go module to panic...