FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-22 18:21:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
4ea1082a-1259-11ec-b4fa-dd5a552bdd17	go -- archive/zip: overflow in preallocation check can cause OOM panic The Go project reports: An oversight in the previous fix still allows for an OOM panic when the indicated directory size in the archive header is so large that subtracting it from the archive size overflows a uint64, effectively bypassing the check that the number of files in the archive is reasonable. Discovery 2021-08-18 Entry 2021-09-10 go < 1.17.1,1 CVE-2021-39293 https://github.com/golang/go/issues/47801

VuXML ID

Description

4ea1082a-1259-11ec-b4fa-dd5a552bdd17

go -- archive/zip: overflow in preallocation check can cause OOM panic

The Go project reports:

An oversight in the previous fix still allows for an OOM panic when the indicated directory size in the archive header is so large that subtracting it from the archive size overflows a uint64, effectively bypassing the check that the number of files in the archive is reasonable.

Discovery 2021-08-18
Entry 2021-09-10
go

< 1.17.1,1

CVE-2021-39293
https://github.com/golang/go/issues/47801