FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
bc7aff8c-d806-11ea-a5aa-0800272260e5go -- encoding/binary: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs

The Go project reports:

Certain invalid inputs to ReadUvarint or ReadVarint could cause those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This could lead to processing more input than expected when the caller is reading directly from the network and depends on ReadUvarint and ReadVarint only consuming a small, bounded number of bytes, even from invalid inputs.


Discovery 2020-08-06
Entry 2020-08-06
go
lt 1.14.7,1

CVE-2020-16845
https://github.com/golang/go/issues/40618