reports/GO-2020-0005.toml - vulndb - Git at Google

 module = "go.etcd.io/etcd"
 package = "go.etcd.io/etcd/wal"

 description = """
 Malformed WALs can be constructed such that [`WAL.ReadAll`][] can cause attempted
 out of bounds reads, or creation of arbitarily sized slices, which may be used as
 a DoS vector.
 """

 cve = "CVE-2020-15106"

 credit = "Trail of Bits"

 symbols = ["WAL.ReadAll", "decoder.decodeRecord"]

 published = "2021-04-14T12:00:00Z"

 [[versions]]
 fixed = "v0.5.0-alpha.5.0.20200423152442-f4b650b51dc4"

 [links]
 pr = "https://github.com/etcd-io/etcd/pull/11793"
 commit = "https://github.com/etcd-io/etcd/commit/f4b650b51dc4a53a8700700dc12e1242ac56ba07"
 context = ["https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf"]
	module = "go.etcd.io/etcd"
	package = "go.etcd.io/etcd/wal"

	description = """
	Malformed WALs can be constructed such that [`WAL.ReadAll`][] can cause attempted
	out of bounds reads, or creation of arbitarily sized slices, which may be used as
	a DoS vector.
	"""

	cve = "CVE-2020-15106"

	credit = "Trail of Bits"

	symbols = ["WAL.ReadAll", "decoder.decodeRecord"]

	published = "2021-04-14T12:00:00Z"

	[[versions]]
	fixed = "v0.5.0-alpha.5.0.20200423152442-f4b650b51dc4"

	[links]
	pr = "https://github.com/etcd-io/etcd/pull/11793"
	commit = "https://github.com/etcd-io/etcd/commit/f4b650b51dc4a53a8700700dc12e1242ac56ba07"
	context = ["https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf"]