5 matches found
Infinite loop
Overview std/encoding/binary is a Go standard library package std/encoding/binary Affected versions of this package are vulnerable to Infinite loop. Go Vulnerability Report: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs.Certain invalid inputs to ReadUvarint ...
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...
DEBIAN-CVE-2021-29482
xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input. The problem has been fixed in release v0.5.8. As a workaround users can limit the size o...
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...