CVE-2022-32149

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
Affected Products (NVD)
VendorProductVersion
golangtext
𝑥
< 0.3.8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
golang-golang-x-text
bookworm
0.7.0-1
fixed
bullseye
no-dsa
buster
postponed
sid
0.16.0-1
fixed
trixie
0.16.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
golang-golang-x-text
bionic
dne
focal
Fixed 0.3.2-4ubuntu0.1
released
jammy
Fixed 0.3.7-1ubuntu0.20.04.1
released
kinetic
Fixed 0.3.7-1ubuntu0.22.10.1
released
lunar
ignored
mantic
not-affected
noble
not-affected
trusty
ignored
xenial
ignored
golang-x-text
bionic
Fixed 0.0~git20170627.0.6353ef0-1ubuntu2.1
released
focal
ignored
impish
dne
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
dne
xenial
needs-triage
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
bind
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
bind-chrootenv
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
bind-devel
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
bind-doc
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
bind-utils
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
libbind9-1600
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
libdns1605
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
libirs-devel
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
libirs1601
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
libisc1606
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
libisccc1600
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
libisccfg1600
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
libns1604
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
python3-bind
suse enterprise sap 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise sap 15 SP2
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP1
9.16.6-150000.12.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.65.1
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
application-gateway-kubernetes-ingress
CBL-Mariner 2.0
0:1.4.0-22.cm2
fixed
buildah
Azure Linux 3.0
0:1.41.4-2.azl3
fixed
cf-cli
CBL-Mariner 2.0
0:8.4.0-21.cm2
fixed
cni
Azure Linux 3.0
0:1.1.2-3.azl3
fixed
CBL-Mariner 2.0
0:1.0.1-20.cm2
fixed
containerized-data-importer
CBL-Mariner 2.0
0:1.55.0-20.cm2
fixed
containernetworking-plugins
Azure Linux 3.0
0:1.6.1-4.azl3
fixed
cri-o
CBL-Mariner 2.0
0:1.22.3-8.cm2
fixed
gh
CBL-Mariner 2.0
0:2.13.0-22.cm2
fixed
git-lfs
CBL-Mariner 2.0
0:3.4.1-1.cm2
fixed
influxdb
CBL-Mariner 2.0
0:2.6.1-17.cm2
fixed
keda
Azure Linux 3.0
0:2.14.0-1.azl3
fixed
CBL-Mariner 2.0
0:2.4.0-23.cm2
fixed
kubevirt
Azure Linux 3.0
0:1.2.0-1.azl3
fixed
CBL-Mariner 2.0
0:0.59.0-20.cm2
fixed
kured
CBL-Mariner 2.0
0:1.13.2-1.cm2
fixed
libcontainers-common
CBL-Mariner 2.0
0:20210626-6.cm2
fixed
multus
Azure Linux 3.0
0:4.0.2-1.azl3
fixed
node-problem-detector
Azure Linux 3.0
0:0.8.15-1.azl3
fixed
CBL-Mariner 2.0
0:0.8.17-2.cm2
fixed
podman
Azure Linux 3.0
0:5.6.1-2.azl3
fixed
prometheus-adapter
CBL-Mariner 2.0
0:0.10.0-14.cm2
fixed
sriov-network-device-plugin
Azure Linux 3.0
0:3.7.0-1.azl3
fixed
CBL-Mariner 2.0
0:3.6.2-2.cm2
fixed
terraform
CBL-Mariner 2.0
0:1.3.2-19.cm2
fixed