You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Can you please fix the following security vulnerabilities?
CVE-2021-33194: golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.
Fix Status: fixed in 0.0.0-20210520170846-37e1c6afe023
CVE-2021-38561: golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.
Fix Status: fixed in 0.3.7
CVE-2022-32149: (golang.org/x/text) An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
Fix Status: fixed in 0.3.8
The text was updated successfully, but these errors were encountered:
Hi Team,
Can you please fix the following security vulnerabilities?
CVE-2021-33194: golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.
Fix Status: fixed in 0.0.0-20210520170846-37e1c6afe023
CVE-2021-38561: golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.
Fix Status: fixed in 0.3.7
CVE-2022-32149: (golang.org/x/text) An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
Fix Status: fixed in 0.3.8
The text was updated successfully, but these errors were encountered: