Security Advisory

CVE-2022-2879

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-10-14 00:00:00

Last updated 2025-02-13 16:32:38

Assigner Go

State PUBLISHED

Description

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB.

← Browse all CVEs View on cve.org ↗