​
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2022-2879

Published

Last updated

https://nvd.nist.gov/vuln/detail/CVE-2022-2879

Severity

7.5

High

CVSS V3

Description

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images