Lucene search
K

128 matches found

OSV
OSV
added 2022/02/11 1:15 a.m.3 views

UBUNTU-CVE-2022-23772

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...

7.5CVSS7.2AI score0.0283EPSS
Exploits0References3
Prion
Prion
added 2022/02/11 1:15 a.m.29 views

Memory corruption

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...

7.8CVSS8.3AI score0.0283EPSS
Exploits0References6Affected Software2
ATTACKERKB
ATTACKERKB
added 2022/02/11 1:15 a.m.8 views

CVE-2022-23772

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...

7.8CVSS7.2AI score0.0283EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2022/02/11 1:15 a.m.97 views

CVE-2022-23772

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...

7.8CVSS7.2AI score0.0283EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/02/11 12:11 a.m.34 views

CVE-2022-23772

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...

8.7AI score0.0283EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2022/02/11 12:11 a.m.34 views

CVE-2022-23772

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...

7.8CVSS8.8AI score0.0283EPSS
Exploits0
CVE
CVE
added 2022/02/11 12:11 a.m.474 views

CVE-2022-23772

CVE-2022-23772 affects Go (golang) where Rat.SetString in math/big can overflow, leading to uncontrolled memory consumption. Connected advisories confirm this issue alongside other Go vulnerabilities (e.g., CVE-2022-23773, CVE-2022-23806) across multiple Go components (cmd/go, crypto/elliptic, ar...

7.8CVSS8.4AI score0.0283EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/10 12:0 a.m.10 views

The vulnerability of the `math/big.Rat` component and the `unmarshaltext` method in the Go programming language allows a malicious actor to trigger an unexpected error and restart the device.

The vulnerability of the math/big.Rat component and the unmarshaltext method in the Go programming language is related to uncontrolled memory allocation. Exploiting this vulnerability can allow an attacker to trigger a crash and restart of the device remotely...

7.5CVSS6.4AI score0.034EPSS
Exploits1References5Affected Software4
FreeBSD
FreeBSD
added 2022/02/10 12:0 a.m.36 views

go -- multiple vulnerabilities

The Go project reports: crypto/elliptic: fix IsOnCurve for big.Int values that are not valid coordinates Some big.Int values that are not valid field elements negative or overflowing might cause Curve.IsOnCurve to incorrectly return true. Operating on those values may cause a panic or an invalid...

2.7AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/12/09 8:19 p.m.2 views

golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents

A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability...

7.5CVSS7.1AI score0.034EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/09/16 3:24 p.m.2 views

golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents

A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability...

7.5CVSS7.1AI score0.034EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/08/31 3:1 p.m.2 views

golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents

A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability...

7.5CVSS7.1AI score0.034EPSS
Exploits1References5
OSV
OSV
added 2021/08/02 7:15 p.m.3 views

DEBIAN-CVE-2021-33198

In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method...

7.5CVSS6.3AI score0.034EPSS
Exploits1References1
OSV
OSV
added 2021/08/02 7:15 p.m.3 views

UBUNTU-CVE-2021-33198

In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method...

7.5CVSS6.7AI score0.034EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2021/07/25 9:33 a.m.90 views

CVE-2020-28362

A flaw was found in the math/big package of Go's standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The...

7.5CVSS6.2AI score0.03813EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/07/02 12:0 a.m.43 views

openSUSE: Security Advisory for go1.15 (openSUSE-SU-2021:0950-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.2AI score0.03464EPSS
Exploits4References2
RedHat Linux
RedHat Linux
added 2021/05/19 10:26 a.m.5 views

golang: math/big: panic during recursive division of very large numbers

A flaw was found in the math/big package of Go's standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The...

7.5CVSS7.1AI score0.03813EPSS
Exploits0References4
OSV
OSV
added 2021/04/14 8:4 p.m.43 views

GO-2021-0069 Panic during division of very large numbers in math/big

A number of math/big.Int methods can panic when provided large inputs due to a flawed division method...

7.5CVSS7.6AI score0.03813EPSS
Exploits0References4
Snyk
Snyk
added 2021/04/14 8:4 p.m.4 views

Uncaught Exception

Overview std/math/big is a Go standard library package std/math/big Affected versions of this package are vulnerable to Uncaught Exception. Go Vulnerability Report: A number of math/big.Int methods can panic when provided large inputs due to a flawed division method. Remediation Upgrade...

8.7CVSS6.8AI score0.03813EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/03/30 4:48 p.m.5 views

golang: math/big: panic during recursive division of very large numbers

A flaw was found in the math/big package of Go's standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The...

7.5CVSS7.1AI score0.03813EPSS
Exploits0References4
Rows per page
Query Builder