-
**Description**
A Nil Pointer Dereference in the golang.org/x/crypto/ssh component prior to v0.0.0-20201216223049-8b5274cf687f for Go allows remote attackers to cause a Denial of Service against SS…
-
**Description**
The package golang.org/x/crypto and github.com/golang/crypto versions v0.0.0-20160816185256-f0e11a3ccc7e through v0.0.0-20220518034528-6f7dac969898 are vulnerable to Path Traversal …
-
**Description**
The TIFF decoder does not place a limit on the size of compressed "tile" data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/heig…
-
**Description**
Parsing a corrupt or malicious image with invalid color indices can cause a panic. This issue affects the package golang.org/x/image versions prior to 0.18.0.
**HIGH Vulnerable P…
-
**Description**
An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to "DecodeConfig". This could lead to a denial of service. The vulnerable …
-
**Description**
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded b…
-
**Description**
golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.
**HIGH Vulnerable Packag…
-
**Description**
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets…
-
**Description**
The packages golang.org/x/sys and github.com/golang/sys versions prior to v0.0.0-20220412211240-33da011f77ad has Incorrect Privilege Assignment. When called with a non-zero flags pa…
-
**Description**
"golang.org/x/crypto/ssh" before 0.0.0-20220314234659-1baeb1ce4c0b in Go through 1.16.15 and 1.17.x through 1.17.8 allows an attacker to crash a server in certain circumstances invo…