CVE-2022-32189

Summary

A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service.

Affected Software

VendorProductVersion RangeStatus
Go standard librarymath/big0 < 1.17.13affected
Go standard librarymath/big1.18.0-0 < 1.18.5affected

Weaknesses

  • CWE 400: Uncontrolled Resource Consumption

ADP Enrichment

CVE Program Container

Additional References

References