Denial Of Service (DoS)

2023-04-1811:40:19

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

vulnerability

github

golang

small allocation

dos

cpu

memory

software

0.005 Low

EPSS

Percentile

77.3%

JSON

github.com/golang/go is vulnerable to Denial of Service (DoS) attacks. An attacker is able to put increased pressure on the garbage collector due to a large numbers of small allocations with short-lived buffers which may lead to the consumption of large amounts of CPU and memory, potentially leading to Denial of Service conditions.

CPENameOperatorVersion
github.com/golang/golego1.20.2
github.com/golang/golego1.19.7
go:3.17eq1.19.5-r0
go:3.17eq1.19.3-r0
go:3.17eq1.19.7-r0
go:3.17eq1.19.6-r0
go:3.17eq1.19.4-r0
go:3.17eq1.19.2-r0
github.com/golang/golego1.20.2
github.com/golang/golego1.19.7

Name	Operator	Version
github.com/golang/go	le	go1.20.2
github.com/golang/go	le	go1.19.7
go:3.17	eq	1.19.5-r0
go:3.17	eq	1.19.3-r0
go:3.17	eq	1.19.7-r0
go:3.17	eq	1.19.6-r0
go:3.17	eq	1.19.4-r0
go:3.17	eq	1.19.2-r0
github.com/golang/go	le	go1.20.2
github.com/golang/go	le	go1.19.7