CVE-2018-18206

描述

A malformed query can cause an out-of-bounds panic due to improper validation of arguments. If processing queries from untrusted parties, this may be used as a vector for denial of service attacks.

如何修補 CVE-2018-18206

要修補 CVE-2018-18206,請將受影響套件升級到下列已修補版本。

• Go/github.com/bytom/bytom—升級至 1.0.6 或更新版本
• —升級至 1.0.4-0.20180831054840-1ac3c8ac4f2b 或更新版本

CVE-2018-18206 正在被利用嗎?

低 — EPSS 為 0.5%,目前沒有觀察到大規模利用活動。

受影響套件(2)

• from 0, < 1.0.6
• from 0, < 1.0.4-0.20180831054840-1ac3c8ac4f2b

CVSS 分數

參考連結(5)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2018-18206
• PATCHgithub.com/Bytom/bytom
• WEBgithub.com/Bytom/bytom/commit/1ac3c8ac4f2b1e1df9675228290bda6b9586ba42
• WEBgithub.com/Bytom/bytom/pull/1307
• WEBpkg.go.dev