Closed github-actions[bot] closed 2 weeks ago
https://avd.aquasec.com/nvd/cve-2024-34156
Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Projects: person-search-index-from-delius Locations: stdlib:1.23.0 () References: https://access.redhat.com/errata/RHSA-2024:7204 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://errata.almalinux.org/9/ALSA-2024-7204.html https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-7262.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://www.cve.org/CVERecord?id=CVE-2024-34156
Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
stdlib:1.23.0 ()
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
https://avd.aquasec.com/nvd/cve-2024-34156