We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Library home page: https://proxy.golang.org/golang.org/x/text/@v/v0.3.7.zip
Path to dependency file: /go.mod
Path to vulnerable library: /go.mod
Found in HEAD commit: fd9fc1baf3cd86beecdfe1d4b962b3e768b4ff92
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Dependency Hierarchy:
Found in base branch: master
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
Publish Date: 2022-10-14
URL: CVE-2022-32149
Base Score Metrics:
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2022-32149
Release Date: 2022-10-14
Fix Resolution: v0.3.8
⛑️ Automatic Remediation will be attempted for this issue.
⛑️Automatic Remediation will be attempted for this issue.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Vulnerable Library - golang.org/x/text-v0.3.7
Library home page: https://proxy.golang.org/golang.org/x/text/@v/v0.3.7.zip
Path to dependency file: /go.mod
Path to vulnerable library: /go.mod
Found in HEAD commit: fd9fc1baf3cd86beecdfe1d4b962b3e768b4ff92
Vulnerabilities
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2022-32149
Vulnerable Library - golang.org/x/text-v0.3.7
Library home page: https://proxy.golang.org/golang.org/x/text/@v/v0.3.7.zip
Path to dependency file: /go.mod
Path to vulnerable library: /go.mod
Dependency Hierarchy:
Found in HEAD commit: fd9fc1baf3cd86beecdfe1d4b962b3e768b4ff92
Found in base branch: master
Vulnerability Details
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
Publish Date: 2022-10-14
URL: CVE-2022-32149
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2022-32149
Release Date: 2022-10-14
Fix Resolution: v0.3.8
⛑️ Automatic Remediation will be attempted for this issue.
⛑️Automatic Remediation will be attempted for this issue.
The text was updated successfully, but these errors were encountered: