CVE-2022-24675

Опубликовано: 20 апр. 2022

Источник: debian

EPSS Низкий

Описание

encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.

Пакет	Статус	Версия исправления	Релиз	Тип
golang-1.18	fixed	1.18.1-1		package
golang-1.17	fixed	1.17.9-1		package

EPSS

Процентиль: 40%

0.00179

Низкий

CVE-2022-24675

CVSS3: 7.5

ubuntu

около 3 лет назад

encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.

CVE-2022-24675

CVSS3: 7.5

redhat

около 3 лет назад

encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.

CVE-2022-24675

CVSS3: 7.5

nvd

около 3 лет назад

encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.

CVE-2022-24675

CVSS3: 7.5

msrc

около 3 лет назад

Описание отсутствует

GHSA-q42m-q8hq-53rj

CVSS3: 7.5

github

около 3 лет назад

encoding/pem in Go before 1.17.9 and 1.8.x before 1.8.1 has a Decode stack overflow via a large amount of PEM data.

EPSS

Процентиль: 40%

0.00179

Низкий