data/reports/GO-2022-0972.yaml - vulndb - Git at Google

 modules:
   - module: github.com/shamaton/msgpack/v2
     versions:
       - fixed: 2.1.1
     vulnerable_at: 2.1.0
     packages:
       - package: github.com/shamaton/msgpack/v2
         symbols:
           - Unmarshal
 summary: 'TODO(https://go.dev/issue/56443): fill in summary field'
 description: |
     Unmarshal can panic on some inputs, possibly allowing for denial
     of service attacks.
 ghsas:
   - GHSA-jr77-8gx4-h5qh
 credits:
   - Red Canary
 references:
   - report: https://github.com/shamaton/msgpack/issues/31
   - fix: https://github.com/shamaton/msgpack/pull/32
 cve_metadata:
     id: CVE-2022-41719
     cwe: 'CWE 400: Uncontrolled Resource Consumption'
	modules:
	- module: github.com/shamaton/msgpack/v2
	versions:
	- fixed: 2.1.1
	vulnerable_at: 2.1.0
	packages:
	- package: github.com/shamaton/msgpack/v2
	symbols:
	- Unmarshal
	summary: 'TODO(https://go.dev/issue/56443): fill in summary field'
	description: \|
	Unmarshal can panic on some inputs, possibly allowing for denial
	of service attacks.
	ghsas:
	- GHSA-jr77-8gx4-h5qh
	credits:
	- Red Canary
	references:
	- report: https://github.com/shamaton/msgpack/issues/31
	- fix: https://github.com/shamaton/msgpack/pull/32
	cve_metadata:
	id: CVE-2022-41719
	cwe: 'CWE 400: Uncontrolled Resource Consumption'