mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-26 01:07:59 +02:00
0xMarcio
1.3 KiB
1.3 KiB
CVE-2022-2879
Description
Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB.
POC
Reference
No PoCs from references.
Github
- https://github.com/8-cm/kube-dump
- https://github.com/ARPSyndicate/cvemon
- https://github.com/JakubWierzchowski/manier
- https://github.com/MrKsey/AdGuardHome
- https://github.com/agadecki/malware-cryptominer-container
- https://github.com/drewtwitchell/scancompare
- https://github.com/henriquebesing/container-security
- https://github.com/kb5fls/container-security
- https://github.com/runwhen-contrib/helm-charts
- https://github.com/ruzickap/malware-cryptominer-container