Go Standard Library Encoding Xml vulnerabilities
2 known vulnerabilities affecting go_standard_library/encoding_xml.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2022-30633HIGHCVSS 7.5fixed in 1.17.12≥ 1.18.0-0, < 1.18.42022-08-10
CVE-2022-30633 [HIGH] CWE-674 CVE-2022-30633: Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attack
Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag.
cvelistv5nvd
CVE-2022-28131HIGHCVSS 7.5fixed in 1.17.12≥ 1.18.0-0, < 1.18.42022-08-10
CVE-2022-28131 [HIGH] CWE-674 CVE-2022-28131: Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an att
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document.
cvelistv5nvd