Количество 8
Количество 8
CVE-2024-37298
gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue.
CVE-2024-37298
gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue.
CVE-2024-37298
gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue.
CVE-2024-37298
CVE-2024-37298
gorilla/schema converts structs to and from form values. Prior to vers ...
GHSA-3669-72x9-r9p3
Potential memory exhaustion attack due to sparse slice deserialization
ELSA-2024-6194
ELSA-2024-6194: podman security update (IMPORTANT)
ELSA-2024-5258
ELSA-2024-5258: container-tools:ol8 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-37298 gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | CVE-2024-37298 gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | CVE-2024-37298 gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | CVSS3: 7.5 | 0% Низкий | около 1 года назад | |
| CVE-2024-37298 gorilla/schema converts structs to and from form values. Prior to vers ... | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| GHSA-3669-72x9-r9p3 Potential memory exhaustion attack due to sparse slice deserialization | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| ELSA-2024-6194 ELSA-2024-6194: podman security update (IMPORTANT) | 11 месяцев назад | ||
| ELSA-2024-5258 ELSA-2024-5258: container-tools:ol8 security update (IMPORTANT) | 11 месяцев назад |
Уязвимостей на страницу