Lucene search
K

5 matches found

OSV
OSV
added 2024/06/05 4:15 p.m.4 views

AZL-42386 CVE-2024-24790 affecting package msft-golang for versions less than 1.21.6-1

The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms...

9.8CVSS6.9AI score0.01952EPSS
Exploits0References1
OSV
OSV
added 2023/06/08 9:15 p.m.7 views

AZL-37337 CVE-2023-29404 affecting package golang for versions less than 1.21.6-1

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

9.8CVSS7.3AI score0.01837EPSS
Exploits0References1
OSV
OSV
added 2023/04/06 4:15 p.m.5 views

AZL-37484 CVE-2023-24534 affecting package golang for versions less than 1.21.6-1

HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than requir...

7.5CVSS6.6AI score0.01888EPSS
Exploits0References1
OSV
OSV
added 2023/02/28 6:15 p.m.5 views

AZL-37487 CVE-2022-41725 affecting package golang for versions less than 1.21.6-1

A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request...

7.5CVSS6.5AI score0.01231EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.6 views

AZL-37526 CVE-2022-2879 affecting package golang for versions less than 1.21.6-1

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.7AI score0.01544EPSS
Exploits0References1
Rows per page
Query Builder