{"id":"MGASA-2022-0377","summary":"Updated golang packages fix security vulnerability","details":"regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\narchive/tar: unbounded memory consumption when reading headers\n(CVE-2022-2879)\nnet/http/httputil: ReverseProxy should not forward unparseable query\nparameters (CVE-2022-2880)\n","modified":"2026-03-25T17:59:19.764421Z","published":"2022-10-18T23:14:56Z","related":["CVE-2022-2879","CVE-2022-2880","CVE-2022-41715"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0377.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30964"},{"type":"REPORT","url":"https://groups.google.com/g/golang-announce/c/xtuG5faxtaU"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SWGSHGPO6S5363G5FSISXYXICE3YJRKU/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/THKJHFMX4DAZXJ5MFPN3BNHZDN7BW5RI/"}],"affected":[{"package":{"name":"golang","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/golang?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.18.7-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0377.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}