data/reports/GO-2022-1188.yaml - vulndb - Git at Google

 id: GO-2022-1188
 modules:
     - module: code.sajari.com/docconv
       versions:
         - fixed: 1.2.1
       vulnerable_at: 1.2.0
       packages:
         - package: code.sajari.com/docconv/docd
           symbols:
             - serve
           derived_symbols:
             - main
 summary: Uncontrolled memory allocation in code.sajari.com/docconv
 description: |-
     An attacker can remotely supply a specially crafted input that causes
     uncontrolled memory allocation.
 cves:
     - CVE-2022-4741
 ghsas:
     - GHSA-qvx2-59g8-8hph
 references:
     - fix: https://github.com/sajari/docconv/commit/42bcff666855ab978e67a9041d0cdea552f20301
 review_status: REVIEWED
	id: GO-2022-1188
	modules:
	- module: code.sajari.com/docconv
	versions:
	- fixed: 1.2.1
	vulnerable_at: 1.2.0
	packages:
	- package: code.sajari.com/docconv/docd
	symbols:
	- serve
	derived_symbols:
	- main
	summary: Uncontrolled memory allocation in code.sajari.com/docconv
	description: \|-
	An attacker can remotely supply a specially crafted input that causes
	uncontrolled memory allocation.
	cves:
	- CVE-2022-4741
	ghsas:
	- GHSA-qvx2-59g8-8hph
	references:
	- fix: https://github.com/sajari/docconv/commit/42bcff666855ab978e67a9041d0cdea552f20301
	review_status: REVIEWED