blob: 46d32363cda80ab26bb5babb14584990fee56bf9 [file] [log] [blame]
packages:
- module: std
package: math/big
symbols:
- Rat.SetString
versions:
- fixed: 1.16.14
- introduced: 1.17.0
fixed: 1.17.7
description: |
Rat.SetString had an overflow issue that can lead to uncontrolled memory consumption.
cves:
- CVE-2022-23772
credit: Emmanuel Odeke
links:
pr: https://go.dev/cl/379537
commit: https://go.googlesource.com/go/+/ad345c265916bbf6c646865e4642eafce6d39e78
context:
- https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ
- https://go.dev/issue/50699