Search for vulnerabilities
Vulnerability details: VCID-e9sn-uavd-aaah
Vulnerability ID VCID-e9sn-uavd-aaah
Aliases CVE-2022-32189
Summary A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-400 Uncontrolled Resource Consumption
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32189.json
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00099 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00099 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00099 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00099 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00099 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00099 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00099 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00099 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00099 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00183 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00183 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00183 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00183 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00195 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00195 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00195 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00195 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00195 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00195 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00195 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00195 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00195 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00195 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00195 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00195 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
epss 0.00382 https://api.first.org/data/v1/epss?cve=CVE-2022-32189
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=2113814
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32189
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-32189
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32189.json
https://api.first.org/data/v1/epss?cve=CVE-2022-32189
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://go.dev/cl/417774
https://go.dev/issue/53871
https://go.googlesource.com/go/+/055113ef364337607e3e72ed7d48df67fde6fc66
https://groups.google.com/g/golang-announce/c/YqYYG87xB10
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UH4RHZUO6LPJKGF2UZSD2UZOCIGHUI5E/
https://pkg.go.dev/vuln/GO-2022-0537
https://security.netapp.com/advisory/ntap-20220923-0003/
2113814 https://bugzilla.redhat.com/show_bug.cgi?id=2113814
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
CVE-2022-32189 https://nvd.nist.gov/vuln/detail/CVE-2022-32189
RHSA-2022:7129 https://access.redhat.com/errata/RHSA-2022:7129
RHSA-2022:7548 https://access.redhat.com/errata/RHSA-2022:7548
RHSA-2022:7950 https://access.redhat.com/errata/RHSA-2022:7950
RHSA-2022:8534 https://access.redhat.com/errata/RHSA-2022:8534
RHSA-2022:8535 https://access.redhat.com/errata/RHSA-2022:8535
RHSA-2022:8626 https://access.redhat.com/errata/RHSA-2022:8626
RHSA-2022:8781 https://access.redhat.com/errata/RHSA-2022:8781
RHSA-2023:0328 https://access.redhat.com/errata/RHSA-2023:0328
RHSA-2023:0446 https://access.redhat.com/errata/RHSA-2023:0446
RHSA-2023:0542 https://access.redhat.com/errata/RHSA-2023:0542
RHSA-2023:0584 https://access.redhat.com/errata/RHSA-2023:0584
RHSA-2023:0693 https://access.redhat.com/errata/RHSA-2023:0693
RHSA-2023:1275 https://access.redhat.com/errata/RHSA-2023:1275
RHSA-2023:1529 https://access.redhat.com/errata/RHSA-2023:1529
RHSA-2023:2193 https://access.redhat.com/errata/RHSA-2023:2193
RHSA-2023:2236 https://access.redhat.com/errata/RHSA-2023:2236
RHSA-2023:2357 https://access.redhat.com/errata/RHSA-2023:2357
RHSA-2023:2758 https://access.redhat.com/errata/RHSA-2023:2758
RHSA-2023:2802 https://access.redhat.com/errata/RHSA-2023:2802
RHSA-2023:3204 https://access.redhat.com/errata/RHSA-2023:3204
RHSA-2023:3205 https://access.redhat.com/errata/RHSA-2023:3205
RHSA-2023:3642 https://access.redhat.com/errata/RHSA-2023:3642
RHSA-2023:3742 https://access.redhat.com/errata/RHSA-2023:3742
RHSA-2024:2944 https://access.redhat.com/errata/RHSA-2024:2944
USN-6038-1 https://usn.ubuntu.com/6038-1/
USN-6038-2 https://usn.ubuntu.com/6038-2/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32189.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-32189
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-32189
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.23604
EPSS Score 0.00093
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.