encoding/gob

1.18.0-0

OTHER 1 CVE

0

SINGLE_NUMBER 2 CVEs

1.23.0-0

OTHER 1 CVE

CVE-2024-34156

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

HIGH Sep 06, 2024

CVE-2022-30635

Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.

UNKNOWN Aug 09, 2022