CVE-2022-30635

CVSS v3.1 7.5 (High)

EPSS 0.19 % (56^th)

Affected Products 1

Advisories 60

Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.

Weaknesses

CWE-674: Uncontrolled Recursion

Related CVEs

CVE-2024-34156

CVE Status: PUBLISHED
CNA: Go Project
Published Date: 2022-08-10 20:15:42
(2 years ago)
Updated Date: 2023-11-07 03:47:17
(10 months ago)

Affected Products

Golang

Configuration #1

		CPE23	From	Up To
	Golang Go prior 1.17.12 version	cpe:2.3:a:golang:go		< 1.17.12
	Golang Go from 1.18.0 version and prior 1.18.4 version	cpe:2.3:a:golang:go	>= 1.18.0	< 1.18.4