GO-2020-0005

Source
https://storage.googleapis.com/go-vulndb/ID/GO-2020-0005.json
Aliases
  • CVE-2020-15106
  • CVE-2020-15112
Published
2021-04-14T20:04:52Z
Modified
2022-09-20T15:16:04Z
Details

Malformed WALs can be constructed such that WAL.ReadAll can cause attempted out of bounds reads, or creation of arbitrarily sized slices, which may be used as a DoS vector.

References

Affected packages

Go / go.etcd.io/etcd

go.etcd.io/etcd

Affected ranges

Type
SEMVER
Events
Introduced
0
Fixed
0.5.0-alpha.5.0.20200423152442-f4b650b51dc4

Affected versions

Ecosystem specific

{
    "imports": [
        {
            "symbols": [
                "WAL.ReadAll",
                "decoder.decodeRecord"
            ],
            "path": "go.etcd.io/etcd/wal"
        }
    ]
}

Database specific

{
    "url": "https://pkg.go.dev/vuln/GO-2020-0005"
}