Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:27998
HistoryNov 27, 2020 - 3:55 a.m.

Denial Of Service (DoS)

2020-11-2703:55:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19
denial of service
github.com
golang/go
math/big
vulnerability
divisor
modulo
panic
methods

EPSS

0.005

Percentile

76.5%

math/big in github.com/golang/go is vulnerable to denial of service. An attacker can send a divisor or modulo argument larger than 3168 bits (on 32-bit architectures) or 6336 bits (on 64-bit architectures) to a number of math/big.Int methods (Div, Exp, DivMod, Quo, Rem, QuoRem, Mod, ModInverse, ModSqrt, Jacobi, and GCD) causing a panic to happen.