CVE-2022-32189 – Panic when decoding Float and Rat types in math/big
https://notcve.org/view.php?id=CVE-2022-32189
A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service. Un mensaje codificado demasiado corto puede causar un pánico en Float.GobDecode y Rat GobDecode en math/big en Go versiones anteriores a 1.17.13 y 1.18.5, permitiendo potencialmente una denegación de servicio An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability. • https://go.dev/cl/417774 https://go.dev/issue/53871 https://go.googlesource.com/go/+/055113ef364337607e3e72ed7d48df67fde6fc66 https://groups.google.com/g/golang-announce/c/YqYYG87xB10 https://pkg.go.dev/vuln/GO-2022-0537 https://access.redhat.com/security/cve/CVE-2022-32189 https://bugzilla.redhat.com/show_bug.cgi?id=2113814 • CWE-400: Uncontrolled Resource Consumption •
CVE-2022-30629 – Session tickets lack random ticket_age_add in crypto/tls
https://notcve.org/view.php?id=CVE-2022-30629
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. Valores no aleatorios para la función ticket_age_add en los tickets de sesión en crypto/tls versiones anteriores a Go 1.17.11 y Go 1.18.3, permiten a un atacante que pueda observar los handshakes TLS correlacionar conexiones sucesivas comparando las edades de los tickets durante la reanudación de la sesión A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption. • https://go.dev/cl/405994 https://go.dev/issue/52814 https://go.googlesource.com/go/+/fe4de36198794c447fbd9d7cc2d7199a506c76a5 https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ https://pkg.go.dev/vuln/GO-2022-0531 https://access.redhat.com/security/cve/CVE-2022-30629 https://bugzilla.redhat.com/show_bug.cgi?id=2092793 • CWE-330: Use of Insufficiently Random Values CWE-331: Insufficient Entropy •
CVE-2022-29804 – Path traversal via Clean on Windows in path/filepath
https://notcve.org/view.php?id=CVE-2022-29804
Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack. En filepath.Clean en path/filepath en Go versiones anteriores a 1.17.11 y en 1.18.x antes de 1.18.3 en Windows, las rutas inválidas como .\c: podían convertirse en rutas válidas (como c: en este ejemplo). • https://go.dev/cl/401595 https://go.dev/issue/52476 https://go.googlesource.com/go/+/9cd1818a7d019c02fa4898b3e45a323e35033290 https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ https://pkg.go.dev/vuln/GO-2022-0533 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2022-30633 – Stack exhaustion when unmarshaling certain documents in encoding/xml
https://notcve.org/view.php?id=CVE-2022-30633
Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag. Una recursión no controlada en Unmarshal en encoding/xml versiones anteriores a Go 1.17.12 y Go 1.18.4 permite a un atacante causar un pánico debido al agotamiento de la pila por medio de unmarshal de un documento XML en una estructura Go que presenta un campo anidado que usa la etiqueta de campo 'any' A flaw was found in golang. Calling Unmarshal on an XML document into a Go struct, which has a nested field that uses the "any" field tag, can cause a panic due to stack exhaustion. • https://go.dev/cl/417061 https://go.dev/issue/53611 https://go.googlesource.com/go/+/c4c1993fd2a5b26fe45c09592af6d3388a3b2e08 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://pkg.go.dev/vuln/GO-2022-0523 https://access.redhat.com/security/cve/CVE-2022-30633 https://bugzilla.redhat.com/show_bug.cgi?id=2107392 • CWE-674: Uncontrolled Recursion CWE-1325: Improperly Controlled Sequential Memory Allocation •
CVE-2022-30635 – Stack exhaustion when decoding certain messages in encoding/gob
https://notcve.org/view.php?id=CVE-2022-30635
Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures. Una recursión no controlada en el archivo Decoder.Decode en encoding/gob versiones anteriores a Go 1.17.12 y Go 1.18.4, permite a un atacante causar un pánico debido al agotamiento de la pila por medio de un mensaje que contiene estructuras profundamente anidadas A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability. • https://go.dev/cl/417064 https://go.dev/issue/53615 https://go.googlesource.com/go/+/6fa37e98ea4382bf881428ee0c150ce591500eb7 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://pkg.go.dev/vuln/GO-2022-0526 https://access.redhat.com/security/cve/CVE-2022-30635 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 • CWE-674: Uncontrolled Recursion CWE-1325: Improperly Controlled Sequential Memory Allocation •