Lucene search
Veracode Vulnerability DatabaseVERACODE:37053HistorySep 16, 2022 - 6:40 a.m.
Denial Of Service (DoS)
2022-09-1606:40:03
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
vulnerability
denial of service
remote attacker
system panic
out-of-bounds read
software
0.001 Low
EPSS
Percentile
49.4%
github.com/pandatix/go-cvss is vulnerable to denial of service (DoS) attacks. A remote attacker is able to cause a system panic, when a full CVSS v2.0 vector string is parsed through the ParseVector function, which leads to an out-of-bounds read causing the system hang.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/pandatix/go-cvss | le | v0.3.0 | |
| github.com/pandatix/go-cvss | le | v0.3.0 |
Related
cvelist
cvelist
CVE-2022-39213 Out-of-bounds Read in go-cvss
2022-09-15 21:45:12
cve
cve
CVE-2022-39213
2022-09-15 22:15:11
osv
osv
Go-CVSS has Out-of-bounds Read vulnerability in ParseVector function
2022-09-16 20:59:43
Panic in github.com/pandatix/go-cvss
2022-09-21 15:12:40
CVE-2022-39213
2022-09-15 22:15:11
prion
prion
Out-of-bounds
2022-09-15 22:15:00
nvd
nvd
CVE-2022-39213
2022-09-15 22:15:11
github
github
Go-CVSS has Out-of-bounds Read vulnerability in ParseVector function
2022-09-16 20:59:43