GO-2025-3412
- Source
- https://pkg.go.dev/vuln/GO-2025-3412
- Import Source
- https://vuln.go.dev/ID/GO-2025-3412.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GO-2025-3412
- Aliases
-
- CVE-2024-10846
- GHSA-36gq-35j3-p9r9
- Published
- 2025-01-29T00:02:38Z
- Modified
- 2025-01-29T00:29:27.453132Z
- Summary
- Excessive resource consumption when unmarshalling Compose file with recursive loop in github.com/compose-spec/compose-go/v2
- Details
-
Excessive resource consumption when unmarshalling Compose file with recursive loop in github.com/compose-spec/compose-go/v2
- Database specific
{ "review_status": "REVIEWED", "url": "https://pkg.go.dev/vuln/GO-2025-3412" }- References
-
- https://github.com/compose-spec/compose-go/security/advisories/GHSA-36gq-35j3-p9r9
- https://github.com/compose-spec/compose-go/pull/618
- https://github.com/compose-spec/compose-go/pull/703
- https://github.com/docker/compose/commit/d239f0f3187a2ed5404c61f83bd5e995c81600ff
- https://github.com/docker/compose/issues/12235
Affected packages
Go / github.com/compose-spec/compose-go/v2
Package
- Name
- github.com/compose-spec/compose-go/v2
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/compose-spec/compose-go/v2