Описание
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | released | 0.3.7-1 |
| esm-apps/focal | released | 0.3.2-4ubuntu0.1 |
| esm-apps/jammy | released | 0.3.7-1 |
| esm-apps/noble | released | 0.3.7-1 |
| esm-infra-legacy/trusty | DNE | |
| focal | released | 0.3.2-4ubuntu0.1 |
| impish | ignored | end of life |
| jammy | released | 0.3.7-1 |
| kinetic | released | 0.3.7-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 0.0~git20170627.0.6353ef0-1ubuntu2.1 |
| devel | DNE | |
| esm-apps/bionic | released | 0.0~git20170627.0.6353ef0-1ubuntu2.1 |
| esm-apps/focal | ignored | transitional package |
| esm-infra/xenial | needed | |
| focal | ignored | end of standard support, was ignored [transitional package] |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| lunar | DNE |
Показывать по
EPSS
7.5 High
CVSS3
Связанные уязвимости
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic ...
golang.org/x/text/language Out-of-bounds Read vulnerability
EPSS
7.5 High
CVSS3