CVE-2022-32149

Опубликовано: 14 окт. 2022

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 7.5

Описание

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.

Релиз	Статус	Примечание
bionic	DNE
devel	not-affected	0.5.0-1
esm-apps/focal	released	0.3.2-4ubuntu0.1
esm-apps/jammy	released	0.3.7-1ubuntu0.20.04.1
esm-apps/noble	not-affected	0.5.0-1
focal	released	0.3.2-4ubuntu0.1
jammy	released	0.3.7-1ubuntu0.20.04.1
kinetic	released	0.3.7-1ubuntu0.22.10.1
lunar	ignored	end of life, was needed
mantic	not-affected	0.5.0-1

Показывать по

Релиз	Статус	Примечание
bionic	released	0.0~git20170627.0.6353ef0-1ubuntu2.1
devel	DNE
esm-apps/bionic	released	0.0~git20170627.0.6353ef0-1ubuntu2.1
esm-apps/focal	ignored	transitional package
esm-infra/xenial	needs-triage
focal	ignored	end of standard support, was ignored [transitional package]
impish	DNE
jammy	DNE
kinetic	DNE
lunar	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 17%

0.00054

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2022-32149

CVSS3: 7.5

redhat

больше 3 лет назад

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.

CVE-2022-32149

CVSS3: 7.5

nvd

больше 3 лет назад

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.

CVE-2022-32149

CVSS3: 7.5

msrc

больше 1 года назад

Описание отсутствует

CVE-2022-32149

CVSS3: 7.5

debian

больше 3 лет назад

An attacker may cause a denial of service by crafting an Accept-Langua ...

GHSA-69ch-w2m2-3vjp

CVSS3: 7.5

github

больше 3 лет назад

golang.org/x/text/language Denial of service via crafted Accept-Language header

EPSS

Процентиль: 17%

0.00054

Низкий

7.5 High

CVSS3

CVE-2022-32149

Описание

Пакет golang-golang-x-text

Пакет golang-x-text

Ссылки на источники

Связанные уязвимости