How severe is CVE-2024-45338?

CVE-2024-45338 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2024-45338

5.3MEDIUM

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

Published: 12/18/2024Updated: 2/21/2025

Description

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

AI AnalysisPowered by AI

References

https://go.dev/cl/637536
https://go.dev/issue/70906
https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ
https://pkg.go.dev/vuln/GO-2024-3333
https://security.netapp.com/advisory/ntap-20250221-0001/