Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

GoogleOSV:GO-2022-0477

HistoryJun 09, 2022 - 1:43 a.m.

Vulners
/
Osv
/
Indefinite hang with large buffers on Windows in crypto/rand

Indefinite hang with large buffers on Windows in crypto/rand

2022-06-0901:43:37

Google

osv.dev

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

51.7%

JSON

On Windows, rand.Read will hang indefinitely if passed a buffer larger than 1 << 32 - 1 bytes.

CPENameOperatorVersion
stdliblt1.18.3
stdliblt1.17.11
stdlibge1.18.0-0

Name	Operator	Version
stdlib	lt	1.18.3
stdlib	lt	1.17.11
stdlib	ge	1.18.0-0

References

go.dev/cl/402257

go.dev/issue/52561

go.googlesource.com/go/+/bb1f4416180511231de6d17a1f2f55c82aafc863

groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ

veracode 1

cvelist 1

alpinelinux 1

osv 2

prion 1

ubuntucve 1

nvd 1

cve 1

debiancve 1

suse 2

openvas 10

nessus 17

freebsd 1

altlinux 2

oraclelinux 2

ibm 7

amazon 2

photon 3

veracode

Denial Of Service (DoS)

2022-07-18 06:48:12

cvelist

CVE-2022-30634 Indefinite hang with large buffers on Windows in crypto/rand

2022-07-15 19:36:19

alpinelinux

CVE-2022-30634

2022-07-15 20:15:08

osv

BIT-golang-2022-30634

2024-03-06 10:59:32

CVE-2022-30634

2022-07-15 20:15:08

prion

Spoofing

2022-07-15 20:15:00

ubuntucve

CVE-2022-30634

2022-07-15 00:00:00

nvd

CVE-2022-30634

2022-07-15 20:15:08

cve

CVE-2022-30634

2022-07-15 20:15:08

debiancve

CVE-2022-30634

2022-07-15 20:15:08

suse

Security update for go1.18 (important)

2022-06-07 00:00:00

Security update for go1.17 (important)

2022-06-07 00:00:00

openvas

openSUSE: Security Advisory for go1.18 (SUSE-SU-2022:2005-1)

2022-06-08 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:2005-1)

2022-06-08 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:2004-1)

2022-06-08 00:00:00

nessus

SUSE SLED15 / SLES15 Security Update : go1.18 (SUSE-SU-2022:2005-1)

2022-06-08 00:00:00

SUSE SLED15 / SLES15 Security Update : go1.17 (SUSE-SU-2022:2004-1)

2022-06-08 00:00:00

FreeBSD : go -- multiple vulnerabilities (15888c7e-e659-11ec-b7fe-10c37b4ac2ea)

2022-06-07 00:00:00

freebsd

go -- multiple vulnerabilities

2022-06-01 00:00:00

altlinux

Security fix for the ALT Linux 10 package golang version 1.17.11-alt1.p10

2022-06-14 00:00:00

Security fix for the ALT Linux 10 package golang version 1.18.3-alt1

2022-06-12 00:00:00

oraclelinux

ol8addon security update

2022-07-12 00:00:00

go-toolset:ol8addon security update

2022-07-12 00:00:00

ibm

Security Bulletin: Vulnerabilities in Golang Go and MinIO may affect IBM Spectrum Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift (CVE-2022-29804, CVE-2022-30580, CVE-2022-30629, CVE-2022-30634, CVE-2022-35919, CVE-2022-31028)

2022-09-17 13:44:52

Security Bulletin: Vulnerabilities in Golang Go, PostgreSQL, jQuery, and Google Gson may affect IBM Spectrum Copy Data Management

2022-09-17 01:47:32

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Go

2022-10-13 22:18:33

amazon

Important: golang

2023-04-13 19:28:00

Important: golang

2023-04-13 19:01:00

photon

Critical Photon OS Security Update - PHSA-2023-5.0-0046

2023-07-09 00:00:00

Critical Photon OS Security Update - PHSA-2023-3.0-0611

2023-07-12 00:00:00

Critical Photon OS Security Update - PHSA-2023-4.0-0419

2023-07-03 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

51.7%

JSON

Related for OSV:GO-2022-0477