3 matches found
SUSE CVE-2020-14040
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to...
UBUNTU-CVE-2020-14040
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to...
PT-2020-13859 · Go +6 · X/Text +6
Name of the Vulnerable Software and Affected Versions: x/text package versions prior to 0.3.3 Description: The issue is related to the UTF-16 decoder in the encoding/unicode component, which could enter an infinite loop if a single byte is provided to a UTF16 decoder instantiated with UseBOM or...