Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 5 of 5 results

CVE-2021-38561

Medium priority

Some fixes available 7 of 10

golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector...

2 affected packages

golang-golang-x-text, golang-x-text

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-golang-x-text Fixed Fixed Fixed Not in release Not in release
golang-x-text Not in release Not in release Ignored Fixed Vulnerable
Show less packages

CVE-2022-32149

Medium priority

Some fixes available 4 of 7

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.

2 affected packages

golang-golang-x-text, golang-x-text

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-golang-x-text Not affected Fixed Fixed Not in release Ignored
golang-x-text Not in release Not in release Ignored Fixed Needs evaluation
Show less packages

CVE-2020-28852

Low priority

Some fixes available 3 of 9

In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)

3 affected packages

golang-golang-x-text, golang-x-text, google-guest-agent

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-golang-x-text Not affected Not affected Fixed Not in release Not in release
golang-x-text Not in release Not in release Vulnerable Fixed Vulnerable
google-guest-agent Not affected Not affected Not affected Not affected Needs evaluation
Show less packages

CVE-2020-28851

Low priority

Some fixes available 3 of 10

In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)

3 affected packages

golang-golang-x-text, golang-x-text, google-guest-agent

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-golang-x-text Not affected Not affected Fixed Not in release Not in release
golang-x-text Not in release Not in release Vulnerable Fixed Vulnerable
google-guest-agent Not affected Not affected Not affected Not affected Needs evaluation
Show less packages

CVE-2020-14040

Low priority

Some fixes available 3 of 9

The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single...

2 affected packages

golang-golang-x-text, golang-x-text

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-golang-x-text Not affected Not affected Fixed Not in release Not in release
golang-x-text Not in release Not in release Ignored Fixed Vulnerable
Show less packages