3998 matches found
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion
A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
kernel: x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type
A vulnerability in the Linux kernel affected the x86/mm code, specifically in the pfntokaddr macro. The issue arises when the macro does not correctly handle input as a 64-bit type, causing crashes on 64-bit platforms, especially for SEV-SNP guests, when processing addresses above the 1TB range...
go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion...
go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion
A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
WordPress Persian Nested Show/Hide Text plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Persian Nested Show/Hide Text versions = 1.5...
SUSE CVE-2024-50161
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining infocnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it doesn't check the remaining infocnt. The following splat will be reported when the value of ret nele...
WordPress Persian Nested Show/Hide Text Plugin <= 1.5 is vulnerable to Cross Site Scripting (XSS)
Software Persian Nested Show/Hide Text Type Plugin Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51831 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 841990db88af Credits SOPROBRO Required privilege...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion...
The vulnerability of the Nested iFrame Handler component in the Firefox web browser arises from an incorrect SameSite attribute in the cookie file. This allows attackers to access sensitive data, compromise its integrity, and cause service failures.
The vulnerability of the Nested iFrame Handler component in the Firefox web browser is related to an incorrect SameSite attribute in the cookie file. Exploiting this vulnerability can allow a remote attacker to access sensitive data, compromise its integrity, and cause service interruptions...
RHEL 8 : container-tools:rhel8 (RHSA-2024:7769)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:7769 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: encoding/gob: golan...
RHEL 8 : go-toolset:rhel8 (RHSA-2024:7488)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:7488 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: encoding/gob: golang: Calli...
go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
SUSE CVE-2024-50115
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory Ignore nCR34:0 when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforce 32-byte alignment of...