Go Standard Library Encoding Gob vulnerabilities
2 known vulnerabilities affecting go_standard_library/encoding_gob.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2024-34156HIGHCVSS 7.5fixed in 1.22.7≥ 1.23.0-0, < 1.23.12024-09-06
CVE-2024-34156 [HIGH] Stack exhaustion in Decoder.Decode in encoding/gob
Stack exhaustion in Decoder.Decode in encoding/gob
Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
cvelistv5
CVE-2022-30635HIGHCVSS 7.5fixed in 1.22.7≥ 1.23.0-0, < 1.23.12022-08-10
CVE-2022-30635 [HIGH] CWE-674 CVE-2022-30635: Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an a
Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.
cvelistv5nvd