Lucene search
Veracode Vulnerability DatabaseVERACODE:36482HistoryJul 25, 2022 - 12:55 p.m.
Denial Of Service (DoS)
2022-07-2512:55:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
dos attack
stack exhaustion
software vulnerability
EPSS
0.002
Percentile
55.8%
go is vulnerable to denial of service attacks. Calling Decoder.Decode on a message which contains deeply nested structures may cause a system crash due to stack exhaustion.
References
go.dev/cl/417064
go.dev/issue/53615
go.googlesource.com/go/+/6fa37e98ea4382bf881428ee0c150ce591500eb7
groups.google.com/g/golang-announce/c/nqrv9fbR0zE
lists.fedoraproject.org/archives/list/[email protected]/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/
pkg.go.dev/vuln/GO-2022-0526
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.16/community.yaml
Related
cbl_mariner
cbl_mariner
CVE-2022-30635 affecting package golang 1.18.3-1
2022-09-17 05:56:44
CVE-2022-30635 affecting package golang for versions less than 1.18.5-1
2022-09-16 06:05:39
nessus
nessus
RHEL 9 : heketi (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : heketi (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 9 : grafana-pcp (RHSA-2022:8250)
2022-11-16 00:00:00
cve
cve
CVE-2022-30635
2022-08-10 20:15:42
CVE-2024-34156
2024-09-06 21:15:12
osv
osv
BIT-golang-2022-30635
2024-03-06 10:59:22
CVE-2022-30635
2022-08-10 20:15:42
Stack exhaustion when decoding certain messages in encoding/gob
2022-07-20 20:52:17
debiancve
debiancve
CVE-2022-30635
2022-08-10 20:15:42
CVE-2024-34156
2024-09-06 21:15:12
alpinelinux
alpinelinux
CVE-2022-30635
2022-08-10 20:15:42
CVE-2024-34156
2024-09-06 21:15:12
nvd
nvd
CVE-2022-30635
2022-08-10 20:15:42
CVE-2024-34156
2024-09-06 21:15:12
ubuntucve
ubuntucve
CVE-2022-30635
2022-08-10 00:00:00
prion
prion
Design/Logic Flaw
2022-08-10 20:15:00
redhatcve
redhatcve
CVE-2022-30635
2022-07-15 10:32:37
CVE-2024-34156
2024-09-07 00:10:01
cvelist
cvelist
CVE-2024-34156 Stack exhaustion in Decoder.Decode in encoding/gob
2024-09-06 20:42:42
vulnrichment
vulnrichment
CVE-2024-34156 Stack exhaustion in Decoder.Decode in encoding/gob
2024-09-06 20:42:42
oraclelinux
oraclelinux
grafana-pcp security update
2022-11-15 00:00:00
grafana-pcp security update
2022-11-22 00:00:00
go-toolset:ol8 security and bug fix update
2022-08-03 00:00:00
rocky
rocky
grafana-pcp security update
2022-11-15 06:19:30
grafana-pcp security update
2022-11-08 06:25:29
git-lfs security and bug fix update
2022-10-25 07:32:51
redhat
redhat
(RHSA-2022:7648) Moderate: grafana-pcp security update
2022-11-08 06:25:29
(RHSA-2022:8250) Moderate: grafana-pcp security update
2022-11-15 06:19:30
(RHSA-2022:7129) Moderate: git-lfs security and bug fix update
2022-10-25 07:32:51
almalinux
almalinux
Moderate: grafana-pcp security update
2022-11-08 00:00:00
Moderate: grafana-pcp security update
2022-11-15 00:00:00
Important: go-toolset and golang security and bug fix update
2022-08-01 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2710)
2022-11-04 00:00:00
Mageia: Security Advisory (MGASA-2022-0262)
2022-07-18 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2317)
2022-09-14 00:00:00
ibm
ibm
freebsd
freebsd
go -- multiple vulnerabilities
2022-07-12 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package golang version 1.17.12-alt1.p10
2022-07-29 00:00:00
Security fix for the ALT Linux 10 package golang version 1.18.4-alt1
2022-07-28 00:00:00
mageia
mageia
Updated golang packages fix security vulnerability
2022-07-16 22:58:20
suse
suse
Security update for go1.17 (important)
2022-08-04 00:00:00
Security update for go1.18 (important)
2022-08-04 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0242
2022-09-07 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0242
2022-09-07 00:00:00
amazon
amazon
Important: golist
2022-09-15 04:46:00
Important: golang-github-godbus-dbus
2022-10-17 21:46:00
Important: go-rpm-macros
2022-10-17 21:46:00