Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS00cjh4LTJwMjYtOTc2cM4AA0xx

goproxy Denial of Service vulnerability

goproxy prior to pseudoversion 0.0.0-20230731152917-f99041a5c027 was discovered to contain an issue which can lead to a Denial of service (DoS) via unspecified vectors.

Permalink: https://github.com/advisories/GHSA-4r8x-2p26-976p
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS00cjh4LTJwMjYtOTc2cM4AA0xx
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: 10 months ago
Updated: 6 months ago

CVSS Score: 7.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Identifiers: GHSA-4r8x-2p26-976p, CVE-2023-37788
References:

Repository: https://github.com/elazarl/goproxy
Blast Radius: 34.7

Affected Packages

go:github.com/elazarl/goproxy

Dependent packages: 6,167
Dependent repositories: 42,211
Downloads:
Affected Version Ranges: < 0.0.0-20230731152917-f99041a5c027
Fixed in: 0.0.0-20230731152917-f99041a5c027
All affected versions: 0.0.0-20141126100753-2fc786de51e8, 0.0.0-20170405201442-c4fc26588b6e, 0.0.0-20171101143503-a96fa3a31826, 0.0.0-20180725130230-947c36da3153, 0.0.0-20181003060214-f58a169a71a5, 0.0.0-20181111060418-2ce16c963a8a, 0.0.0-20190703090003-6125c262ffb0, 0.0.0-20190911111923-ecfe977594f1, 0.0.0-20191011121108-aa519ddbe484, 0.0.0-20200220113713-29f9e0ba54ea, 0.0.0-20200809112317-0581fc3aee2d, 0.0.0-20201021153353-00ad82a08272, 0.0.0-20210110162100-a92cc753f88e, 0.0.0-20210801061803-8e322dfb79c4, 0.0.0-20211114080932-d06c3be7c11b, 0.0.0-20220115173737-adb46da277ac, 0.0.0-20220317163658-f5c0d0953e10, 0.0.0-20220328115640-894aeddb713e, 0.0.0-20220417044921-416226498f94, 0.0.0-20220529153421-8ea89ba92021, 0.0.0-20220901064549-fbd10ff4f5a1, 0.0.0-20221015165544-a0805db90819
All unaffected versions: