6 matches found
golang: regexp/syntax: limit memory used by parsing regexps
A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as...
RHEL 9 : golang-github-cpuguy83-md2man (RHSA-2023:2592)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:2592 advisory. go-md2man converts markdown into roff man pages. Security Fixes: golang: regexp/syntax: limit memory used by parsing regexps CVE-2022-41715 For more...
ALSA-2023:2592 Moderate: golang-github-cpuguy83-md2man security, bug fix, and enhancement update
go-md2man converts markdown into roff man pages. Security Fixes: golang: regexp/syntax: limit memory used by parsing regexps CVE-2022-41715 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed...
go-toolset and golang security and bug fix update
An update is available for golang, go-toolset. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset provides the Go programming language tools and librarie...
ALSA-2023:0328 Moderate: go-toolset and golang security and bug fix update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputi...
go -- multiple vulnerabilities
The Go project reports: archive/tar: unbounded memory consumption when reading headers Reader.Read did not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics...