Lucene search
K

128 matches found

CVE
CVE
added 2022/08/09 8:17 p.m.408 views

CVE-2022-32189

CVE-2022-32189 affects Go's math/big: decoding big.Float and big.Rat can panic if the encoded message is too short, potentially causing a denial of service. The Initial Description cites vulnerable versions as Go before 1.17.13 and 1.18.5. Connected advisories (ALMA/ALAS) indicate fixes are distr...

7.5CVSS7.2AI score0.0198EPSS
Exploits1References5Affected Software1
AlpineLinux
AlpineLinux
added 2022/08/09 8:17 p.m.59 views

CVE-2022-32189

A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service...

7.5CVSS7.4AI score0.0198EPSS
Exploits1
OSV
OSV
added 2022/08/01 10:21 p.m.22 views

GO-2022-0537 Panic when decoding Float and Rat types in math/big

Decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service...

7.5CVSS7.1AI score0.0198EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/08/01 11:33 a.m.77 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.10.25 bug fix and security update

Red Hat OpenShift Container Platform release 4.10.25 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...

7.8CVSS7AI score0.0995EPSS
Exploits1References23
FreeBSD
FreeBSD
added 2022/07/14 12:0 a.m.83 views

go -- decoding big.Float and big.Rat can panic

The Go project reports: encoding/gob & math/big: decoding big.Float and big.Rat can panic Decoding big.Float and big.Rat types can panic if the encoded message is too short...

7.5CVSS6.8AI score0.0198EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.8 views

The vulnerability in the implementation of the SetString() function in the Rat class of the math/big programming language in Go allows a attacker to cause a service failure.

The vulnerability of the SetString function implementation in the Rat class of the Go programming language in the math/big package involves resource exhaustion. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.8CVSS7.4AI score0.0283EPSS
Exploits0References11Affected Software14
RedHat Linux
RedHat Linux
added 2022/06/13 12:34 p.m.2 views

golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString

A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system...

7.8CVSS7.2AI score0.0283EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/06/01 11:48 a.m.3 views

golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString

A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system...

7.8CVSS7.2AI score0.0283EPSS
Exploits0References5
OSV
OSV
added 2022/05/23 10:15 p.m.39 views

GO-2021-0317 Uncontrolled memory consumption in math/big

Rat.SetString had an overflow issue that can lead to uncontrolled memory consumption...

7.8CVSS8.7AI score0.0283EPSS
Exploits0References4
Snyk
Snyk
added 2022/05/23 10:15 p.m.5 views

Integer Overflow or Wraparound

Overview std/math/big is a Go standard library package std/math/big Affected versions of this package are vulnerable to Integer Overflow or Wraparound. Go Vulnerability Report: Rat.SetString had an overflow issue that can lead to uncontrolled memory consumption. Remediation Upgrade std/math/big t...

8.7CVSS7AI score0.0283EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/05/18 12:0 a.m.258 views

Oracle Linux 8 : go-toolset:ol8 (ELSA-2022-1819)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1819 advisory. delve 1.7.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.7.2-1 - Rebase to 1.7.2 - Related: rhbz2014088 golang 1.17.7-1 - Rebase...

9.8CVSS7.2AI score0.10299EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2022/04/28 12:0 a.m.40 views

Debian DLA-2985-1 : golang-1.7 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2985 advisory. Several vulnerabilities were discovered in the Go programming language. An attacker could trigger a denial-of-service DoS or invalid cryptographic computation...

9.1CVSS7.4AI score0.03255EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2022/04/28 12:0 a.m.44 views

Debian DLA-2986-1 : golang-1.8 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2986 advisory. - Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. CVE-2022-23772 -...

9.1CVSS7.3AI score0.03255EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2022/04/19 1:35 p.m.2 views

golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents

A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability...

7.5CVSS7.1AI score0.034EPSS
Exploits1References5
Mageia
Mageia
added 2022/03/07 11:10 p.m.387 views

Updated golang packages fix security vulnerability

Overflow in Rat.SetString in math/big can lead to uncontrolled memory consumption CVE-2022-23772 Incorrect access control in cmd/go CVE-2022-23773 Incorrect returned value in crypto/elliptic IsOnCurve CVE-2022-23806 The following non-security bugs were fixed: - go50978 crypto/elliptic: IsOnCurve...

9.1CVSS0.9AI score0.03015EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/03/05 12:0 a.m.29 views

openSUSE: Security Advisory for go1.16 (openSUSE-SU-2022:0724-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS8.9AI score0.03015EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2022/03/04 12:0 a.m.52 views

Security update for go1.16 (important)

openSUSE Security Update: Security update for go1.16 Announcement ID: openSUSE-SU-2022:0724-1 Rating: important References: 1182345 1195834 1195835 1195838 Cross-References: CVE-2022-23772 CVE-2022-23773 CVE-2022-23806 CVSS scores: CVE-2022-23772 NVD : 7.5...

7.5CVSS9.6AI score0.03015EPSS
Exploits0References4
OSV
OSV
added 2022/02/17 5:33 p.m.42 views

GO-2021-0242 Panic on inputs with large exponents in math/big

Rat.SetString and Rat.UnmarshalText may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents...

7.5CVSS6.6AI score0.034EPSS
Exploits1References4
NVD
NVD
added 2022/02/11 1:15 a.m.19 views

CVE-2022-23772

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...

7.8CVSS0.0283EPSS
Exploits0References6
OSV
OSV
added 2022/02/11 1:15 a.m.2 views

DEBIAN-CVE-2022-23772

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...

7.5CVSS8.1AI score0.0283EPSS
Exploits0References1
Rows per page
Query Builder