DirectorySecurity Advisories
Sign In
Security Advisories

CGA-25gr-mpxp-g5g2

Published

Last updated

https://images.chainguard.dev/security/CGA-25gr-mpxp-g5g2
Package

step-issuer-fips

Latest Update
Fixed
Fixed Version

0.9.6-r2

Aliases
  • CVE-2024-45338
  • GHSA-w32m-9786-jp63

Severity

Unknown

Summary

Non-linear parsing of case-insensitive content in golang.org/x/net/html

Description

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images