Back

CVE-2024-34158

Sept. 6, 2024, 9:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Go programming language

Source

security@golang.org

Tags

security@golang.org
2024-09-06
CVE-2024-34158

CVE-2024-34158 details

Published : Sept. 6, 2024, 9:15 p.m.
Last Modified : Sept. 6, 2024, 9:15 p.m.

Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://go.dev/cl/611240 security@golang.org
https://go.dev/issue/69141 security@golang.org
https://groups.google.com/g/golang-dev/c/S9POB9NCTdk security@golang.org
https://pkg.go.dev/vuln/GO-2024-3107 security@golang.org
This website uses the NVD API, but is not approved or certified by it.