Lucene search
+L

4 matches found

CVE
CVE
added 2022/10/14 12:0 a.m.735 views

CVE-2022-32149

CVE-2022-32149 enables DoS by crafting an Accept-Language header that causes significant parsing delay in Go’s text parsing. Connected advisories show affected packages across multiple distributions with available fixes: Astra Linux notes golang-x-text; CBL-Mariner entries indicate patched versio...

7.5CVSS7.5AI score0.01428EPSS
CVE
CVE
added 2020/06/17 7:22 p.m.647 views

CVE-2020-14040

CVE-2020-14040 affects golang.org/x/text/encoding/unicode and golang.org/x/text/transform in the x/text package for Go, with a vulnerability in encoding/unicode that can cause the UTF-16 decoder to enter an infinite loop, potentially crashing or exhausting memory when a single byte is supplied to...

7.5CVSS7.3AI score0.01855EPSS
CVE
CVE
added 2022/12/26 12:0 a.m.644 views

CVE-2021-38561

CVE-2021-38561 affects golang.org/x/text/language in golang.org/x/text before 0.3.7, with a potential out-of-bounds read during BCP 47 language tag parsing that can cause DoS on untrusted input. Connected advisories confirm this vulnerability also affects several packages (e.g., podman, buildah, ...

7.5CVSS7.3AI score0.01356EPSS
CVE
CVE
added 2021/01/02 5:45 a.m.289 views

CVE-2020-28852

CVE-2020-28852 affects the Go x/text package, specifically a slice bounds out of range panic in language.ParseAcceptLanguage when processing a BCP 47 tag in HTTP Accept-Language headers. Version 0.3.5 of golang.org/x/text (or newer) fixes this; prior versions before v0.3.5 are affected. The issue...

7.5CVSS7.2AI score0.01674EPSS