gosec

go/gosec

Fork 0

mirror of https://github.com/securego/gosec.git synced 2025-07-07 00:35:35 +02:00

Commit Graph

Author	SHA1	Message	Date
Cosmin Cojocar	de2c6a36fa	Extract the issue in its own package	2023-02-16 09:45:28 +01:00
Vladimir Severov	9c19cb6501	Add check for usage of Rat.SetString in math/big with an overflow error (#819 ) * Add check for usage of Rat.SetString in math/big with an overflow error Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. It is the CVE-2022-23772. * Use ContainsPkgCallExpr instead of manual parsing	2022-06-03 00:19:51 +02:00

Author

SHA1

Message

Date

Cosmin Cojocar

de2c6a36fa

Extract the issue in its own package

2023-02-16 09:45:28 +01:00

Vladimir Severov

9c19cb6501

Add check for usage of Rat.SetString in math/big with an overflow error (#819 )

* Add check for usage of Rat.SetString in math/big with an overflow error

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7
has an overflow that can lead to Uncontrolled Memory Consumption.

It is the CVE-2022-23772.

* Use ContainsPkgCallExpr instead of manual parsing

2022-06-03 00:19:51 +02:00

2 Commits