CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6865 matches found

OSV•added 2024/09/10 2:16 p.m.•20 views

SUSE-SU-2024:3197-1 Security update for go1.23

This update for go1.23 fixes the following issues: - Update go v1.23.1 - CVE-2024-34155: Fixed stack exhaustion in all Parse functions. bsc1230252 - CVE-2024-34156: Fixed stack exhaustion in Decoder.Decode. bsc1230253 - CVE-2024-34158: Fixed stack exhaustion in Parse. bsc1230254...

7.5CVSS7.8AI score0.00298EPSS

Exploits0References8

OSV•added 2024/09/10 2:10 p.m.•21 views

SUSE-SU-2024:3196-1 Security update for go1.22

This update for go1.22 fixes the following issues: - Update to go v1.22.7 - CVE-2024-34155: Fixed stack exhaustion in all Parse functions. bsc1230252 - CVE-2024-34156: Fixed stack exhaustion in Decoder.Decode. bsc1230253 - CVE-2024-34158: Fixed stack exhaustion in Parse. bsc1230254...

7.5CVSS7.9AI score0.00298EPSS

Exploits0References8

OSV•added 2024/09/10 7:6 a.m.•9 views

BIT-GOLANG-2024-34155 Stack exhaustion in all Parse functions in go/parser

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...

4.3CVSS5.9AI score0.00081EPSS

Exploits0References6

OSV•added 2024/09/10 7:6 a.m.•14 views

BIT-GOLANG-2024-34158 Stack exhaustion in Parse in go/build/constraint

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion...

7.5CVSS7.2AI score0.00163EPSS

Exploits0References6

Positive Technologies•added 2024/09/09 12:0 a.m.•1 views

PT-2024-39044 · WordPress · Affiliate Super Assistent

Name of the Vulnerable Software and Affected Versions: The Affiliate Super Assistent plugin for WordPress versions up to, and including, 1.5.3 Description: The issue is due to the software allowing users to supply arbitrary shortcodes in comments when the 'Parse comments' option is enabled. This...

7.3CVSS7.6AI score0.01867EPSS

Exploits0References13

RedhatCVE•added 2024/09/07 12:9 a.m.•17 views

CVE-2024-34155

A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion. Mitigation Mitigation for this issue is either not available or the currently available options do n...

5.9CVSS6.2AI score0.00081EPSS

Exploits0References7

RedhatCVE•added 2024/09/06 11:42 p.m.•23 views

CVE-2024-34158

A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion. Mitigation Mitigation for this issue is either not available or the currently available optio...

5.9CVSS7.3AI score0.00163EPSS

Exploits0References7

OSV•added 2024/09/06 9:15 p.m.•4 views

AZL-79078 CVE-2024-34158 affecting package golang 1.25.7-1

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion...

7.5CVSS6.9AI score0.00163EPSS

Exploits0References1

OSV•added 2024/09/06 9:15 p.m.•8 views

CVE-2024-34158

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion...

6.8AI score

Exploits0References5

NVD•added 2024/09/06 9:15 p.m.•27 views

CVE-2024-34158

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion...

7.5CVSS0.00163EPSS

Exploits0References5

NVD•added 2024/09/06 9:15 p.m.•17 views

CVE-2024-34155

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...

4.3CVSS0.00081EPSS

Exploits0References5

CVE•added 2024/09/06 8:42 p.m.•318 views

CVE-2024-34158

CVE-2024-34158 concerns Go’s build constraint parsing (the // +build tag) where deeply nested expressions can trigger a panic/stack exhaustion. The connected advisories consistently describe the same issue affecting golang build/constraint handling and note that patches are available via vendor O...

7.5CVSS7.1AI score0.00163EPSS

Exploits0References5

Debian CVE•added 2024/09/06 8:42 p.m.•14 views

CVE-2024-34155

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...

4.3CVSS6.3AI score0.00081EPSS

Exploits0

Vulnrichment•added 2024/09/06 8:42 p.m.•13 views

CVE-2024-34155 Stack exhaustion in all Parse functions in go/parser

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...

6.9AI score0.00081EPSS

Exploits0References4

Debian CVE•added 2024/09/06 8:42 p.m.•20 views

CVE-2024-34158

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion...

7.5CVSS6.7AI score0.00163EPSS

Exploits0

CVE•added 2024/09/06 8:42 p.m.•331 views

CVE-2024-34155

CVE-2024-34155 concerns the Go tooling stack: parsing Go source with deeply nested literals can panic due to stack exhaustion. The connected advisories confirm this affects core Go components such as the parser, encoding/gob (Decode), and go/build/constraint (Parse) when handling deeply nested in...

4.3CVSS6.8AI score0.00081EPSS

Exploits0References5