Lucene search
K
NetappKubernetes Monitoring Operator

4 matches found

CVE
CVE
added 2022/02/11 12:16 a.m.512 views

CVE-2022-23773

CVE-2022-23773 affects the Go toolchain component cmd/go. Impact: branch names may be misinterpreted as version tags, potentially granting inappropriate access to create branches but not tags. Affected: Go before 1.16.14 and 1.17.x before 1.17.7. Mitigation: upgrade to fixed releases (Go 1.16.14+...

7.5CVSS8.1AI score0.02698EPSS
CVE
CVE
added 2022/04/20 12:0 a.m.510 views

CVE-2022-24675

CVE-2022-24675 affects the encoding/pem component in Go, where Decode can overflow the stack when processing very large PEM data (reported for Go before 1.17.9 and 1.18.x before 1.18.1). The vulnerability can lead to a denial of service through a stack overflow, impacting availability. Affected r...

7.5CVSS9.5AI score0.0995EPSS
CVE
CVE
added 2022/02/11 12:0 a.m.504 views

CVE-2022-23806

CVE-2022-23806 affects Go's crypto/elliptic IsOnCurve, which can incorrectly return true when a big.Int value is not a valid field element. Impact: potential impact to availability and integrity as implied by the vulnerability description. Root cause is an out-of-spec check in IsOnCurve for inval...

9.1CVSS9.1AI score0.03015EPSS
CVE
CVE
added 2022/02/11 12:11 a.m.475 views

CVE-2022-23772

CVE-2022-23772 affects Go (golang) where Rat.SetString in math/big can overflow, leading to uncontrolled memory consumption. Connected advisories confirm this issue alongside other Go vulnerabilities (e.g., CVE-2022-23773, CVE-2022-23806) across multiple Go components (cmd/go, crypto/elliptic, ar...

7.8CVSS8.4AI score0.0283EPSS