GO-2024-3282
- Source
- https://pkg.go.dev/vuln/GO-2024-3282
- Import Source
- https://vuln.go.dev/ID/GO-2024-3282.json
- JSON Data
- https://api.osv.dev/v1/vulns/GO-2024-3282
- Aliases
-
- CVE-2024-12401
- GHSA-r4pg-vg54-wxx4
- Published
- 2024-11-21T19:52:52Z
- Modified
- 2024-12-13T16:27:11.743144Z
- Summary
- Potential slowdown / DoS when parsing specially crafted PEM inputs in github.com/cert-manager/cert-manager
- Details
-
Potential slowdown / DoS when parsing specially crafted PEM inputs in github.com/cert-manager/cert-manager
- Database specific
{ "review_status": "REVIEWED", "url": "https://pkg.go.dev/vuln/GO-2024-3282" }- References
-
- https://github.com/cert-manager/cert-manager/security/advisories/GHSA-r4pg-vg54-wxx4
- https://github.com/cert-manager/cert-manager/commit/3a4c9eb55e2e43570679840bbe3217869fbc8efc
- https://github.com/cert-manager/cert-manager/commit/f22f78c8c0a64d718e203b326bc844c488ad7850
- https://github.com/cert-manager/cert-manager/pull/7400
- https://github.com/cert-manager/cert-manager/pull/7401
- https://github.com/cert-manager/cert-manager/pull/7402
- https://github.com/cert-manager/cert-manager/pull/7403
- https://go.dev/issue/50116
Affected packages
Go / github.com/cert-manager/cert-manager
Package
- Name
- github.com/cert-manager/cert-manager
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/cert-manager/cert-manager
Affected ranges
- Type
- SEMVER
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.12.14Introduced1.13.0-alpha.0Fixed1.15.4Introduced1.16.0-alpha.0Fixed1.16.2
Ecosystem specific
{
"imports": [
{
"symbols": [
"CertificateTemplateFromCSRPEM",
"CertificateTemplateFromCertificateRequest",
"CertificateTemplateFromCertificateSigningRequest",
"DecodePrivateKeyBytes",
"DecodeX509CertificateBytes",
"DecodeX509CertificateChainBytes",
"DecodeX509CertificateRequestBytes",
"DecodeX509CertificateSetBytes",
"GenerateLocallySignedTemporaryCertificate",
"ParseSingleCertificateChainPEM",
"RequestMatchesSpec"
],
"path": "github.com/cert-manager/cert-manager/pkg/util/pki"
},
{
"symbols": [
"OutputFormatDER"
],
"path": "github.com/cert-manager/cert-manager/internal/controller/certificates"
},
{
"symbols": [
"controller.ProcessItem",
"controller.Sync",
"controller.finalizeOrder"
],
"path": "github.com/cert-manager/cert-manager/pkg/controller/acmeorders"
}
]
}