2 matches found
CVE-2025-29786
CVE-2025-29786 concerns the Expr expression parser (Go). Prior to 1.17.0, unbounded input can cause the parser to build an excessively large AST, leading to high memory usage or an OOM crash. The issue is mitigated by a patch in 1.17.0 that enforces node budget and memory limits during parsing. R...
Denial Of Service (DoS)
github.com/ugorji/go is vulnerable to denial of service DoS attacks. The vulnerability exists because it doe not limit the size of length of input when it decodes a very large or corrupted string or bytes value...