blob: 2fd64afdebe04fc0474daa0f5bf9894ad470342f [file] [log] [blame]
packages:
- module: std
package: encoding/binary
symbols:
- ReadUvarint
- ReadVarint
versions:
- fixed: 1.13.15
- introduced: 1.14.0
fixed: 1.14.7
vulnerable_at: 1.14.6
description: |
ReadUvarint and ReadVarint can read an unlimited number of bytes from
invalid inputs.
Certain invalid inputs to ReadUvarint or ReadVarint can cause these
functions to read an unlimited number of bytes from the ByteReader
parameter before returning an error. This can lead to processing more
input than expected when the caller is reading directly from a
network and depends on ReadUvarint or ReadVarint only consuming a
small, bounded number of bytes, even from invalid inputs.
cves:
- CVE-2020-16845
ghsas:
- GHSA-q6gq-997w-f55g
credit: Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston Van Loon
links:
pr: https://go.dev/cl/247120
commit: https://go.googlesource.com/go/+/027d7241ce050d197e7fabea3d541ffbe3487258
context:
- https://go.dev/issue/40618
- https://groups.google.com/g/golang-announce/c/NyPIaucMgXo