CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-24921 – golang: regexp: stack exhaustion via a deeply nested expression
https://notcve.org/view.php?id=CVE-2022-24921
regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression. El archivo regexp.Compile en Go versiones anteriores a 1.16.15 y versiones 1.17.x anteriores a 1.17.8, permite un agotamiento de la pila por medio de una expresión profundamente anidada A stack overflow flaw was found in Golang's regexp module, which can crash the runtime if the application using regexp accepts very long or arbitrarily long regexps from untrusted sources that have sufficient nesting depths. To exploit this vulnerability, an attacker would need to send large regexps with deep nesting to the application. Triggering this flaw leads to a crash of the runtime, which causes a denial of service. • https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html https://security.gentoo.org/glsa/202208-02 https://security.netapp.com/advisory/ntap-20220325-0010 https://access.redhat.com/security/cve/CVE-2022-24921 https:/ • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 3CVE-2022-23773 – golang: cmd/go: misinterpretation of branch names can lead to incorrect access control
https://notcve.org/view.php?id=CVE-2022-23773
cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags. cmd/go en Go versiones anteriores a 1.16.14 y versiones 1.17.x anteriores a 1.17.7, puede malinterpretar nombres de rama que falsamente parecen ser etiquetas de versión. Esto puede conllevar a un control de acceso incorrecto si supone que un actor puede crear ramas pero no etiquetas A flaw was found in the go package of the cmd library in golang. The go command could be tricked into accepting a branch, which resembles a version tag. This issue could allow a remote unauthenticated attacker to bypass security restrictions and introduce invalid or incorrect tags, reducing the integrity of the environment. • https://github.com/danbudris/CVE-2022-23773-repro https://github.com/danbudris/CVE-2022-23773-repro-target https://github.com/YouShengLiu/CVE-2022-23773-Reproduce https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ https://security.gentoo.org/glsa/202208-02 https://security.netapp.com/advisory/ntap-20220225-0006 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-23773 https://bugzilla.redhat.com/show_bug.cgi?id=2053541 • CWE-436: Interpretation Conflict CWE-1220: Insufficient Granularity of Access Control •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-23772 – golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString
https://notcve.org/view.php?id=CVE-2022-23772
Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. Rat.SetString en el archivo math/big en Go versiones anteriores a 1.16.14 y versiones 1.17.x anteriores a 1.17.7, presenta un desbordamiento que puede conllevar a un Consumo de Memoria no Controlado A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system. • https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html https://security.gentoo.org/glsa/202208-02 https://security.netapp.com/advisory/ntap-20220225-0006 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-23772 https://bugzilla.redhat.com/show_bug.cgi?id=2053532 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-23806 – golang: crypto/elliptic: IsOnCurve returns true for invalid field elements
https://notcve.org/view.php?id=CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. Curve.IsOnCurve en crypto/elliptic en Go versiones anteriores a 1.16.14 y versiones 1.17.x anteriores a 1.17.7, puede devolver incorrectamente true en situaciones con un valor big.Int que no es un elemento de campo válido A flaw was found in the elliptic package of the crypto library in golang when the IsOnCurve function could return true for invalid field elements. This flaw allows an attacker to take advantage of this undefined behavior, affecting the availability and integrity of the resource. • https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html https://security.gentoo.org/glsa/202208-02 https://security.netapp.com/advisory/ntap-20220225-0006 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-23806 https://bugzilla&# • CWE-252: Unchecked Return Value •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-39293 – golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)
https://notcve.org/view.php?id=CVE-2021-39293
In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196. En archive/zip en Go versiones anteriores a 1.16.8 y 1.17.x versiones anteriores a 1.17.1, un encabezado de archivo diseñada (designando falsamente que hay muchos archivos presentes) puede causar un pánico en NewReader o OpenReader. NOTA: este problema se presenta debido a una corrección incompleta de CVE-2021-33196 A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. • https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf https://groups.google.com/g/golang-announce/c/dx9d7IOseHw https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html https://security.netapp.com/advisory/ntap-20220217-0009 https://access.redhat.com/security/cve/CVE-2021-39293 https://bugzilla.redhat.com/show_bug.cgi?id=2006044 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •