Products
Go programming language
Source
security@golang.org
Tags
CVE-2024-34156 details
Published : Sept. 6, 2024, 9:15 p.m.
Last Modified : Sept. 6, 2024, 9:15 p.m.
Last Modified : Sept. 6, 2024, 9:15 p.m.
Description
Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
References
URL | Source |
---|---|
https://go.dev/cl/611239 | security@golang.org |
https://go.dev/issue/69139 | security@golang.org |
https://groups.google.com/g/golang-dev/c/S9POB9NCTdk | security@golang.org |
https://pkg.go.dev/vuln/GO-2024-3106 | security@golang.org |
This website uses the NVD API, but is not approved or certified by it.