{"id":"GHSA-p6fg-723f-hgpw","summary":"shiyanhui/dht vulnerable to Uncontrolled Resource Consumption","details":"Due to unchecked type assertions, maliciously crafted messages can cause panics, which may be used as a denial of service vector.","aliases":["CVE-2020-36562","GO-2020-0040"],"modified":"2023-11-08T04:03:47.544096Z","published":"2022-12-28T03:30:28Z","database_specific":{"cwe_ids":["CWE-400","CWE-617"],"nvd_published_at":"2022-12-28T03:15:00Z","github_reviewed":true,"github_reviewed_at":"2022-12-30T19:48:43Z","severity":"HIGH"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36562"},{"type":"WEB","url":"https://github.com/shiyanhui/dht/issues/57"},{"type":"PACKAGE","url":"https://github.com/shiyanhui/dht"},{"type":"WEB","url":"https://pkg.go.dev/vuln/GO-2020-0040"}],"affected":[{"package":{"name":"github.com/shiyanhui/dht","ecosystem":"Go","purl":"pkg:golang/github.com/shiyanhui/dht"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"last_affected":"0.0.0-20201219151056-5a20f3199263"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/12/GHSA-p6fg-723f-hgpw/GHSA-p6fg-723f-hgpw.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}