Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2022-1962

CVSSv4: NA | CVSSv3: 5.5 | CVSSv2: NA | VMScore: 650 | EPSS: 0.00076 | KEV: Not Included
Published: 10/08/2022 Updated: 21/11/2024

Vulnerability Summary

Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an malicious user to cause a panic due to stack exhaustion via deeply nested types or declarations.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

golang go

Vendor Advisories

Amazon Linux AMI: ALAS-2022-1635
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Red Hat: Important: Release of OpenShift Serverless 1.24.0
Synopsis Important: Release of OpenShift Serverless 1240 Type/Severity Security Advisory: Important Topic Release of OpenShift Serverless 1240The References section contains CVE links providing detailed severity ratingsfor each vulnerability Ratings are based on a Common Vulnerability ScoringSystem (CVSS) base score Description Versio ...
Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.7.6 security and bug fix update
Synopsis Moderate: Migration Toolkit for Containers (MTC) 176 security and bug fix update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 176 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Red Hat: Important: Node Maintenance Operator 4.11.1 security update
概述 Important: Node Maintenance Operator 4111 security update 类型/严重性 Security Advisory: Important 标题 An update for node-maintenance-must-gather-container, node-maintenance-operator-bundle-container, and node-maintenance-operator-container is now available for Node Maintenance Operator 411 for RHEL 8 This Operator is deliv ...
Red Hat: Moderate: OpenShift Virtualization 4.12.0 RPMs security update
Synopsis Moderate: OpenShift Virtualization 4120 RPMs security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic Updated release packages that fix several bugs and add various enhancements are now availableRed Hat ...
Red Hat: Important: grafana security, bug fix, and enhancement update
Synopsis Important: grafana security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for grafana is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rate ...
Red Hat: Important: Red Hat OpenShift Service Mesh 2.3.1 Containers security update
Synopsis Important: Red Hat OpenShift Service Mesh 231 Containers security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Service Mesh 231 ContainersRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a deta ...
Red Hat: Important: Release of OpenShift Serverless Client kn 1.24.0
Synopsis Important: Release of OpenShift Serverless Client kn 1240 Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic Release of OpenShift Serverless Client kn 1240Red Hat Product Security has rated this update as having ...
Red Hat: Moderate: container-tools:4.0 security and bug fix update
Synopsis Moderate: container-tools:40 security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the container-tools:40 module is now available for Red Hat Enterprise Linux 8Red Hat Produc ...
Red Hat: Moderate: Red Hat Advanced Cluster Management 2.6.0 security updates and bug fixes
Synopsis Moderate: Red Hat Advanced Cluster Management 260 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 260 GeneralAvailability release images, which fix security issues and bugsRed Hat Product Security has rated this update as having a security impactof ...
Red Hat: Moderate: container-tools:rhel8 security, bug fix, and enhancement update
Synopsis Moderate: container-tools:rhel8 security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linu ...
Red Hat: Important: Secondary Scheduler Operator for Red Hat OpenShift 1.1.0 security update
Synopsis Important: Secondary Scheduler Operator for Red Hat OpenShift 110 security update Type/Severity Security Advisory: Important Topic Secondary Scheduler Operator for Red Hat OpenShift 110Red Hat Product Security has rated this update as having a security impact ofImportant A Common Vulnerability Scoring System (CVSS) base score, w ...
Red Hat: Moderate: container-tools:3.0 security update
Synopsis Moderate: container-tools:30 security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the container-tools:30 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security h ...
Red Hat: Important: go-toolset and golang security and bug fix update
Synopsis Important: go-toolset and golang security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for go-toolset and golang is now available for Red Hat Enterprise Linux 9Red Hat Product Sec ...
Red Hat: Important: go-toolset-1.17 and go-toolset-1.17-golang security and bug fix update
概述 Important: go-toolset-117 and go-toolset-117-golang security and bug fix update 类型/严重性 Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems 标题 An update for go-toolset-117 and go-toolset-117-golang is now available for Re ...
Red Hat: Moderate: Custom Metrics Autoscaler Operator for Red Hat OpenShift (with security updates)
Synopsis Moderate: Custom Metrics Autoscaler Operator for Red Hat OpenShift (with security updates) Type/Severity Security Advisory: Moderate Topic Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updatesRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability S ...
Red Hat: Moderate: OpenShift API for Data Protection (OADP) 1.0.4 security and bug fix update
Synopsis Moderate: OpenShift API for Data Protection (OADP) 104 security and bug fix update Type/Severity Security Advisory: Moderate Topic OpenShift API for Data Protection (OADP) 104 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Red Hat: Moderate: Multicluster Engine for Kubernetes 2.1 security updates and bug fixes
Synopsis Moderate: Multicluster Engine for Kubernetes 21 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Multicluster Engine v21Red Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, ...
Red Hat: Important: Red Hat Application Interconnect 1.0 Release (rpms)
Synopsis Important: Red Hat Application Interconnect 10 Release (rpms) Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic Red Hat Application Interconnect 10 introduces a service network, linking TCP and HTTP services acr ...
Red Hat: Important: Jenkins and Jenkins-2-plugins security update
Synopsis Important: Jenkins and Jenkins-2-plugins security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...
Red Hat: Moderate: RHSA: Submariner 0.13 - security and enhancement update
Synopsis Moderate: RHSA: Submariner 013 - security and enhancement update Type/Severity Security Advisory: Moderate Topic Submariner 013 packages that fix security issues and bugs, as well as adds various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 26Red Hat Product Security has rated ...
Red Hat: Moderate: VolSync 0.5 security fixes and updates
Synopsis Moderate: VolSync 05 security fixes and updates Type/Severity Security Advisory: Moderate Topic VolSync v05Red Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the ...
Red Hat: Moderate: Red Hat OpenShift Service Mesh 2.2.2 Containers security update
Synopsis Moderate: Red Hat OpenShift Service Mesh 222 Containers security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Service Mesh 222 ContainersRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile ...
Red Hat: Moderate: Gatekeeper Operator v0.2 security and container updates
Synopsis Moderate: Gatekeeper Operator v02 security and container updates Type/Severity Security Advisory: Moderate Topic Gatekeeper Operator v02 security updatesRed Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity ratin ...
Red Hat: Important: OpenShift Virtualization 4.12.0 Images security update
Synopsis Important: OpenShift Virtualization 4120 Images security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Virtualization release 412 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impact of ...
Amazon Linux 2: ALAS2-2022-1859
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2: ALAS2-2022-1861
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2: ALAS2-2022-1863
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2: ALAS2DOCKER-2022-020
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2: ALAS2-2022-1846
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2: ALAS2-2022-1847
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2: ALAS2-2022-1860
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2: ALAS2-2022-1865
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2: ALAS2-2022-1864
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2: ALAS2-2022-1862
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2: ALAS2-2022-1858
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2: ALASGOLANG1.19-2023-002
An out of bounds read vulnerability was found in debug/macho of the Go standard library When using the debug/macho standard library (stdlib) and malformed binaries are parsed using Open or OpenFat, it can cause golang to attempt to read outside of a slice (array) causing a panic when calling ImportedSymbols An attacker can use this vulnerability ...
Amazon Linux 2022: ALAS2022-2022-192
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2022: ALAS2022-2022-133
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2022: ALAS2022-2022-128
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2022: ALAS2022-2022-193
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...
Amazon Linux 2022: ALAS2022-2022-140
A flaw was found in golang The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid (CVE-2022-1705) A flaw was found in the golang standard library, go/parser When callin ...

References

CWE-674https://nvd.nist.govhttps://alas.aws.amazon.com/ALAS-2022-1635.htmlhttps://www.first.org/epsshttps://go.dev/cl/417063https://go.dev/issue/53616https://go.googlesource.com/go/+/695be961d57508da5a82217f7415200a11845879https://groups.google.com/g/golang-announce/c/nqrv9fbR0zEhttps://pkg.go.dev/vuln/GO-2022-0515https://go.dev/cl/417063https://go.dev/issue/53616https://go.googlesource.com/go/+/695be961d57508da5a82217f7415200a11845879https://groups.google.com/g/golang-announce/c/nqrv9fbR0zEhttps://pkg.go.dev/vuln/GO-2022-0515
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
directory listings wordpress plugin – ulistingpostquantum-feldman-vssmatioCVE-2025-20115CVE-2025-2025HTML injectionSSTICVE-2025-2310CVE-2025-27363CVE-2025-2343logicaldoc enterpriseCVE-2025-2163dos
Home
/
Search Results
/
CVE-2022-1962
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook