Lucene search
K

6 matches found

RedHat Linux
RedHat Linux
added 2024/05/22 9:48 a.m.4 views

golang: regexp/syntax: limit memory used by parsing regexps

A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as...

7.5CVSS6.6AI score0.01339EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/05/12 12:0 a.m.32 views

RHEL 9 : golang-github-cpuguy83-md2man (RHSA-2023:2592)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:2592 advisory. go-md2man converts markdown into roff man pages. Security Fixes: golang: regexp/syntax: limit memory used by parsing regexps CVE-2022-41715 For more...

7.5CVSS7.1AI score0.01339EPSS
Exploits0References8
OSV
OSV
added 2023/05/09 12:0 a.m.40 views

ALSA-2023:2592 Moderate: golang-github-cpuguy83-md2man security, bug fix, and enhancement update

go-md2man converts markdown into roff man pages. Security Fixes: golang: regexp/syntax: limit memory used by parsing regexps CVE-2022-41715 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed...

7.5CVSS7.1AI score0.01339EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2023/01/23 2:30 p.m.52 views

go-toolset and golang security and bug fix update

An update is available for golang, go-toolset. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset provides the Go programming language tools and librarie...

7.5CVSS7.9AI score0.01544EPSS
Exploits1
OSV
OSV
added 2023/01/23 12:0 a.m.45 views

ALSA-2023:0328 Moderate: go-toolset and golang security and bug fix update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputi...

7.5CVSS7.2AI score0.01544EPSS
Exploits1References8
FreeBSD
FreeBSD
added 2022/10/04 12:0 a.m.31 views

go -- multiple vulnerabilities

The Go project reports: archive/tar: unbounded memory consumption when reading headers Reader.Read did not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics...

7.7AI score
Exploits0References1
Rows per page
Query Builder