82 matches found
AZL-54404 CVE-2024-45338 affecting package docker-buildx for versions less than 0.14.0-3
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
UBUNTU-CVE-2024-45338
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion...
go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion...
go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion...
go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion...
Important: Red Hat Security Advisory: Red Hat build of Cryostat security update
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.23 (SUSE-SU-2024:3214-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3214-1 advisory. - Update go v1.23.1 - CVE-2024-34155: Fixed stack exhaustion in all Parse functions. bsc1230252 ...
SUSE-SU-2024:3214-1 Security update for go1.23
This update for go1.23 fixes the following issues: - Update go v1.23.1 - CVE-2024-34155: Fixed stack exhaustion in all Parse functions. bsc1230252 - CVE-2024-34156: Fixed stack exhaustion in Decoder.Decode. bsc1230253 - CVE-2024-34158: Fixed stack exhaustion in Parse. bsc1230254...
SUSE SLES12 Security Update : go1.22 (SUSE-SU-2024:3196-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3196-1 advisory. - Update to go v1.22.7 - CVE-2024-34155: Fixed stack exhaustion in all Parse functions. bsc1230252 - CVE-2024-34156: Fixed stack...
SUSE-SU-2024:3197-1 Security update for go1.23
This update for go1.23 fixes the following issues: - Update go v1.23.1 - CVE-2024-34155: Fixed stack exhaustion in all Parse functions. bsc1230252 - CVE-2024-34156: Fixed stack exhaustion in Decoder.Decode. bsc1230253 - CVE-2024-34158: Fixed stack exhaustion in Parse. bsc1230254...
BIT-GOLANG-2024-34155 Stack exhaustion in all Parse functions in go/parser
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...
CVE-2024-34155
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion. Mitigation Mitigation for this issue is either not available or the currently available options do n...
CVE-2024-34155
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...
CVE-2024-34155 Stack exhaustion in all Parse functions in go/parser
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...
CVE-2024-34155 Stack exhaustion in all Parse functions in go/parser
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...
CVE-2024-34155
CVE-2024-34155 concerns the Go tooling stack: parsing Go source with deeply nested literals can panic due to stack exhaustion. The connected advisories confirm this affects core Go components such as the parser, encoding/gob (Decode), and go/build/constraint (Parse) when handling deeply nested in...
CVE-2024-34155
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...
GO-2024-3105 Stack exhaustion in all Parse functions in go/parser
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...