Stack exhaustion in Parse in go/build/constraint

GO-2024-3107 · BIT-golang-2024-34158 · CVE-2024-34158

Published Sep 6, 2024 · Modified Feb 24, 2026

Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

Ready to move

Free, no credit card | First findings in minutes