CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
47.6%
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources.
resources. Exploitation of the vulnerability could allow an attacker to cause a denial of service
A vulnerability in the decoder component of the Golang programming language is related to excessive CPU load during decoding.
decoding. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.
denial of service
A vulnerability in the Golang programming language decoder is related to decoding large amounts of compressed data, consuming an excessive amount of CPU usage during decoding.
data, consuming excessive amounts of memory and CPU. Exploitation of the vulnerability could allow
an attacker acting remotely to cause a denial of service
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | golang-x-image-devel | < 0.13.0-1 | UNKNOWN |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
47.6%