CVE-2022-32149 @ Go-golang.org/x/text-v0.3.7

[dorohayon]

Vulnerable Package issue exists @ Go-golang.org/x/text-v0.3.7 in branch main

In golang.org/x/text package versions prior to 0.3.8, an attacker may cause a denial of service by crafting an Accept-Language header which "ParseAcceptLanguage" will take significant time to parse.

Namespace: dorohayon
Repository: cxone-advanced-lab
Repository Url: https://github.com/dorohayon/cxone-advanced-lab
CxAST-Project: dorohayon/cxone-advanced-lab
CxAST platform scan: 1f20cfdb-755f-4c85-8955-8edd4bc0421c
Branch: main
Application: cxone-advanced-lab
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-772

---

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: v0.3.8-0.20220722155301-d03b41800055

---

References
Advisory
Advisory
Mail Thread
Issue
Commit
Release Note