Количество 5
Количество 5
CVE-2021-29482
xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input. The problem has been fixed in release v0.5.8. As a workaround users can limit the size of the compressed file input to a reasonable size for their use case. The standard library had recently the same issue and got the CVE-2020-16845 allocated.
CVE-2021-29482
xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input. The problem has been fixed in release v0.5.8. As a workaround users can limit the size of the compressed file input to a reasonable size for their use case. The standard library had recently the same issue and got the CVE-2020-16845 allocated.
CVE-2021-29482
xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input. The problem has been fixed in release v0.5.8. As a workaround users can limit the size of the compressed file input to a reasonable size for their use case. The standard library had recently the same issue and got the CVE-2020-16845 allocated.
CVE-2021-29482
xz is a compression and decompression library focusing on the xz forma ...
GHSA-25xm-hr59-7c27
github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-29482 xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input. The problem has been fixed in release v0.5.8. As a workaround users can limit the size of the compressed file input to a reasonable size for their use case. The standard library had recently the same issue and got the CVE-2020-16845 allocated. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-29482 xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input. The problem has been fixed in release v0.5.8. As a workaround users can limit the size of the compressed file input to a reasonable size for their use case. The standard library had recently the same issue and got the CVE-2020-16845 allocated. | CVSS3: 7.5 | 0% Низкий | около 5 лет назад |
 | CVE-2021-29482 xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input. The problem has been fixed in release v0.5.8. As a workaround users can limit the size of the compressed file input to a reasonable size for their use case. The standard library had recently the same issue and got the CVE-2020-16845 allocated. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-29482 xz is a compression and decompression library focusing on the xz forma ... | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
| GHSA-25xm-hr59-7c27 github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS) | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
Уязвимостей на страницу