go-sqlcmd icon indicating copy to clipboard operation
go-sqlcmd copied to clipboard

Published 20 hours ago verified publisher icon microsoft

CVE-2024-45338

Open FrankAnk opened this issue 11 months ago • 0 comments

go-sqlcmd v1.8.2

Trivy scan reports Vulnerability CVE-2024-45338 in Package "golang.org/x/net" v0.26.0, this is fixed in version 0.33.0

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

FrankAnk avatar Dec 19 '24 07:12 FrankAnk