CVE-2022-30632

Summary

Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.

Affected Software

VendorProductVersion RangeStatus
Go standard librarypath/filepath0 < 1.17.12affected
Go standard librarypath/filepath1.18.0-0 < 1.18.4affected

Weaknesses

  • CWE-674: Uncontrolled Recursion

ADP Enrichment

CVE Program Container

Additional References

References