12 matches found
Out-of-bounds Read
Overview github.com/shamaton/msgpack/v3/time is a None Affected versions of this package are vulnerable to Out-of-bounds Read. via the Unmarshal, UnmarshalAsMap, UnmarshalAsArray, and Marshal functions, which invoke Decode. An attacker can cause a panic with truncated fixext data that triggers an...
golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS
A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...
CVE-2022-41719
Unmarshal can panic on some inputs, possibly allowing for denial of service attacks...
golang: encoding/xml: stack exhaustion in Unmarshal
A flaw was found in golang. Calling Unmarshal on an XML document into a Go struct, which has a nested field that uses the "any" field tag, can cause a panic due to stack exhaustion...
CVE-2022-41719
Unmarshal can panic on some inputs, possibly allowing for denial of service attacks...
CVE-2022-41719
Unmarshal can panic on some inputs, possibly allowing for denial of service attacks...
Denial of service
Unmarshal can panic on some inputs, possibly allowing for denial of service attacks...
CVE-2022-41719 Panic in github.com/shamaton/msgpack/v2
Unmarshal can panic on some inputs, possibly allowing for denial of service attacks...
PT-2022-26046 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 2.1.1 Description: The issue allows for denial of service attacks due to the Unmarshal function panicking on certain inputs. Recommendations: For versions prior to 2.1.1, update to version 2.1.1 to resolve the issu...
EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-2288)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements if...
CVE-2022-30633 Stack exhaustion when unmarshaling certain documents in encoding/xml
Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag...
golang: encoding/xml: stack exhaustion in Unmarshal
A flaw was found in golang. Calling Unmarshal on an XML document into a Go struct, which has a nested field that uses the "any" field tag, can cause a panic due to stack exhaustion...