DevGuard Logo

/Devguard
Group
/devguard-scanner
Repository

Overview
Compliance
Code Risks
Dependency Risks
Dependencies

CVE-2022-30635

Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.

Open
LOW (2.6)
  • T

    Tim Bastin detected CVE-2022-30635 with a risk of 2.6

    main
  • logo

    System updated the risk assessment from 2.6 to 1.3

    main

    System recalculated raw risk assessment

  • T

    Tim Bastin fixed CVE-2022-30635

    main
  • T

    Tim Bastin detected CVE-2022-30635 with a risk of 2.6

    main
  • logo

    System updated the risk assessment from 2.6 to 1.3

    main

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 1.3 to 2.6

    main

    System recalculated raw risk assessment

  • logo

    System removed scanner:

    main
  • logo

    System removed scanner:

    main
  • logo

    System removed scanner:

    main
  • T

    Tim Bastin fixed CVE-2022-30635

    main
  • logo

    System detected CVE-2022-30635 with a risk of 2.6

    main
  • T

    Tim Bastin fixed CVE-2022-30635

    main
  • logo

    System detected CVE-2022-30635 with a risk of 2.6

    main

Add a comment

Mark as False Positive
Last calculated at:

Affected component

Logo von golang stdlib

Installed version:
1.21.8
Fixed in:
v1.22.7
Show in dependency graph

Quick Fix

Update all Dependencies
Update only stdlib
GitHubImprintTerms of UsePrivacy
Copyright © 2025 L3montree GmbH and the DevGuard Contributors. All rights reserved. Version 667098114b5ef45c7830e7aa599604fa65eb818f