Description
Unmarshal can panic on some inputs, possibly allowing for denial of service attacks.
Published: 2022-11-10
Score: 7.5 High
EPSS: 1.0% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2022-7376 Unmarshal can panic on some inputs, possibly allowing for denial of service attacks.
Github GHSA Github GHSA GHSA-jr77-8gx4-h5qh MessagePack for Golang subject to DoS via Unmarshal panic
History

Wed, 30 Apr 2025 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Subscriptions

Messagepack Project Messagepack
cve-icon MITRE

Status: PUBLISHED

Assigner: Go

Published:

Updated: 2025-04-30T19:46:41.386Z

Reserved: 2022-09-28T17:00:06.609Z

Link: CVE-2022-41719

cve-icon Vulnrichment

Updated: 2024-08-03T12:49:43.910Z

cve-icon NVD

Status : Modified

Published: 2022-11-10T20:15:12.187

Modified: 2026-06-17T05:03:42.343

Link: CVE-2022-41719

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses