Encoding/Xml
Approved changes feed: RSS · Atom
cpe:2.3:a:go_standard_library:encoding/xml:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Go Standard Library (50bc78d3-15d0-59a4-bc22-a964570e0614) |
|---|---|
| Product | Encoding/Xml (2adb99ed-3d53-5b35-9ff4-52cc96da9d73) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-30633 |
vulnerable | 2026-06-03 14:47:09.329432 |
Stack exhaustion when unmarshaling certain documents in encoding/xml
Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag.
Published: 2022-08-09T20:16:19.000Z
Updated: 2026-03-09T16:53:13.209Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-28131 |
vulnerable | 2026-06-03 14:46:54.434231 |
Stack exhaustion from deeply nested XML documents in encoding/xml
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document.
Published: 2022-08-09T00:00:00.000Z
Updated: 2024-08-03T05:48:36.830Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.