github.com/golang/go is vulnerable to denial of service. An attacker can crash the application by providing a deeply nested regular expression to reuse function of parse.go

References

cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf

github.com/golang/go/commit/2b65cde5868d8245ef8a0b8eba1e361440252d3b

github.com/golang/go/commit/452f24ae94f38afa3704d4361d91d51218405c0a

github.com/golang/go/commit/ac071634c487eb6ac5422652de3c7c18fba7c522

github.com/golang/go/issues/51112

github.com/golang/go/issues/51117

groups.google.com/g/golang-announce/c/RP1hfrBYVuk

lists.debian.org/debian-lts-announce/2022/04/msg00017.html

lists.debian.org/debian-lts-announce/2022/04/msg00018.html

security.gentoo.org/glsa/202208-02

security.netapp.com/advisory/ntap-20220325-0010/

altlinux 2

ubuntucve 1

alpinelinux 1

prion 1

openvas 14

cvelist 1

osv 10

nvd 1

ibm 20

nessus 41

suse 2

debiancve 1

redhatcve 1

mageia 1

veracode 1

cnvd 1

cbl_mariner 3

cve 1

freebsd 1

oraclelinux 4

debian 3

photon 7

redhat 16

rocky 2

ics 1

amazon 4

gentoo 1

altlinux

Security fix for the ALT Linux 10 package golang version 1.16.15-alt1

2022-03-05 00:00:00

Security fix for the ALT Linux 10 package golang version 1.17.8-alt1

2022-03-04 00:00:00

ubuntucve

CVE-2022-24921

2022-03-05 00:00:00

alpinelinux

CVE-2022-24921

2022-03-05 20:15:08

prion

Stack overflow

2022-03-05 20:15:00

openvas

Mageia: Security Advisory (MGASA-2022-0126)

2022-04-01 00:00:00

openSUSE: Security Advisory for go1.17 (SUSE-SU-2022:1167-1)

2022-05-17 00:00:00

openSUSE: Security Advisory for go1.16 (SUSE-SU-2022:1164-1)

2022-05-17 00:00:00

cvelist

CVE-2022-24921

2022-03-05 00:00:00

osv

Stack exhaustion when compiling deeply nested expressions in regexp

2022-05-23 22:15:47

BIT-golang-2022-24921

2024-03-06 11:02:09

CVE-2022-24921

2022-03-05 20:15:08

nvd

CVE-2022-24921

2022-03-05 20:15:08

ibm

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Golang Go (CVE-2022-24921).

2023-01-12 21:59:00

Security Bulletin: IBM App Connect Enterprise Certified Container operator and IntegrationServer operands may be vulnerable to denial of service due to CVE-2022-24921

2022-11-04 17:18:14

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to stack exhaustion by Go CVE-2022-24921

2022-05-12 15:14:50

nessus

CBL Mariner 2.0 Security Update: python-tensorboard / golang (CVE-2022-24921)

2024-08-30 00:00:00

SUSE SLED15 / SLES15 Security Update : go1.16 (SUSE-SU-2022:1164-1)

2022-04-13 00:00:00

Photon OS 3.0: Go PHSA-2022-3.0-0375

2024-07-24 00:00:00

suse

Security update for go1.17 (important)

2022-04-12 00:00:00

Security update for go1.16 (important)

2022-04-12 00:00:00

debiancve

CVE-2022-24921

2022-03-05 20:15:08

redhatcve

CVE-2022-24921

2022-03-16 19:17:50

mageia

Updated golang packages fix security vulnerability

2022-03-31 22:55:37

veracode

Denial Of Service (DoS)

2022-03-06 20:27:23

cnvd

Google Go memory consumption vulnerability

2022-03-08 00:00:00

cbl_mariner

CVE-2022-24921 affecting package golang for versions less than 1.17.8-1

2022-04-26 19:57:46

CVE-2022-24921 affecting package python-tensorboard for versions less than 2.16.2-2

2024-07-24 01:44:36

CVE-2022-24921 affecting package golang 1.16.14-1

2022-04-07 06:04:08

cve

CVE-2022-24921

2022-03-05 20:15:08

freebsd

go -- multiple vulnerabilities

2022-02-09 00:00:00

oraclelinux

olcne istio istio security update

2022-05-09 00:00:00

olcne istio istio security update

2022-05-09 00:00:00

go-toolset:ol8addon security update

2022-06-08 00:00:00

debian

[SECURITY] [DLA 2985-1] golang-1.7 security update

2022-04-28 09:57:28

[SECURITY] [DLA 2986-1] golang-1.8 security update

2022-04-28 09:57:43

[SECURITY] [DLA 3395-1] golang-1.11 security update

2023-04-19 21:42:48

photon

Important Photon OS Security Update - PHSA-2022-0457

2022-03-29 00:00:00

Important Photon OS Security Update - PHSA-2022-0194

2022-06-05 00:00:00

Important Photon OS Security Update - PHSA-2022-4.0-0194

2022-06-05 00:00:00

redhat

(RHSA-2022:5415) Moderate: go-toolset-1.17 and go-toolset-1.17-golang security and bug fix update

2022-06-28 19:06:19

(RHSA-2022:5337) Moderate: go-toolset:rhel8 security and bug fix update

2022-06-28 10:54:21

(RHSA-2022:5729) Moderate: OpenShift Container Platform 4.10.25 security update

2022-08-01 11:00:16

rocky

go-toolset:rhel8 security and bug fix update

2022-06-28 10:54:21

go-toolset and golang security and bug fix update

2022-08-01 15:29:25

ics

Siemens Brownfield Connectivity Gateway

2023-02-16 12:00:00

amazon

Important: golang

2022-04-25 03:47:00

Important: golang

2022-07-06 03:11:00

Important: golang

2022-07-28 21:55:00

gentoo

Go: Multiple Vulnerabilities

2022-08-04 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.004

Percentile

73.2%

JSON

Related for VERACODE:34539