CVE-2022-32148 – Exposure of client IP addresses in net/http
https://notcve.org/view.php?id=CVE-2022-32148
Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. Una exposición inapropiada de las direcciones IP de los clientes en net/http versiones anteriores a Go 1.17.12 y Go 1.18.4, puede desencadenarse llamando a httputil.ReverseProxy.ServeHTTP con un mapa Request.Header que contenga un valor nulo para el encabezado X-Forwarded-For, lo que causa que ReverseProxy establezca la IP del cliente como valor de el encabezado X-Forwarded-For A flaw was found in net/http/httputil golang package. When httputil.ReverseProxy.ServeHTTP is called with a Request.Header map containing a nil value for the X-Forwarded-For header, ReverseProxy could set the client IP incorrectly. This issue may affect confidentiality. • https://go.dev/cl/412857 https://go.dev/issue/53423 https://go.googlesource.com/go/+/b2cc0fecc2ccd80e6d5d16542cc684f97b3a9c8a https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://pkg.go.dev/vuln/GO-2022-0520 https://access.redhat.com/security/cve/CVE-2022-32148 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2022-30631 – Stack exhaustion when reading certain archives in compress/gzip
https://notcve.org/view.php?id=CVE-2022-30631
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. Una recursión no controlada en el archivo Reader.Read en compress/gzip versiones anteriores a Go 1.17.12 y Go 1.18.4, permite a un atacante causar un pánico debido al agotamiento de la pila por medio de un archivo que contenga un gran número de archivos comprimidos de longitud 0 concatenados A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion. • https://go.dev/cl/417067 https://go.dev/issue/53168 https://go.googlesource.com/go/+/b2b8872c876201eac2d0707276c6999ff3eb185e https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://pkg.go.dev/vuln/GO-2022-0524 https://access.redhat.com/security/cve/CVE-2022-30631 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 • CWE-674: Uncontrolled Recursion CWE-1325: Improperly Controlled Sequential Memory Allocation •
CVE-2022-28131 – Stack exhaustion from deeply nested XML documents in encoding/xml
https://notcve.org/view.php?id=CVE-2022-28131
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document. En Decoder.Skip en encoding/xml en Go antes de 1.17.12 y 1.18.x antes de 1.18.4, el agotamiento de la pila y un pánico puede ocurrir a través de un documento XML profundamente anidado A flaw was found in golang encoding/xml. When calling Decoder, Skip while parsing a deeply nested XML document, a panic can occur due to stack exhaustion and allows an attacker to impact system availability. • https://go.dev/cl/417062 https://go.dev/issue/53614 https://go.googlesource.com/go/+/08c46ed43d80bbb67cb904944ea3417989be4af3 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://pkg.go.dev/vuln/GO-2022-0521 https://access.redhat.com/security/cve/CVE-2022-28131 https://bugzilla.redhat.com/show_bug.cgi?id=2107390 • CWE-674: Uncontrolled Recursion CWE-1325: Improperly Controlled Sequential Memory Allocation •
CVE-2022-30634 – Indefinite hang with large buffers on Windows in crypto/rand
https://notcve.org/view.php?id=CVE-2022-30634
Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. Un bucle infinito en Read en crypto/rand versiones anteriores a Go 1.17.11 y Go 1.18.3 en Windows, permite a un atacante causar un cuelgue no definido pasando un buffer mayor de 1 << 32 - 1 bytes • https://go.dev/cl/402257 https://go.dev/issue/52561 https://go.googlesource.com/go/+/bb1f4416180511231de6d17a1f2f55c82aafc863 https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ https://pkg.go.dev/vuln/GO-2022-0477 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2022-29526 – golang: syscall: faccessat checks wrong group
https://notcve.org/view.php?id=CVE-2022-29526
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible. Go versiones anteriores a 1.17.10 y 1.18.x anteriores a 1.18.2, presenta una Asignación Incorrecta de Privilegios. Cuando es llamada con un parámetro flags distinto de cero, la función Faccessat podría informar incorrectamente de que un archivo es accesible A flaw was found in the syscall.Faccessat function when calling a process by checking the group. This flaw allows an attacker to check the process group permissions rather than a member of the file's group, affecting system availability. • https://github.com/golang/go/issues/52313 https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5 https://lists • CWE-269: Improper Privilege Management CWE-280: Improper Handling of Insufficient Permissions or Privileges •