ALT-PU-2021-3244-1
Closed vulnerabilities
Published: 2021-11-08
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-41771
ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf
- https://groups.google.com/g/golang-announce/c/0fM21h43arc
- https://groups.google.com/g/golang-announce/c/0fM21h43arc
- [debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update
- [debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update
- [debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update
- [debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update
- [debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update
- [debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update
- FEDORA-2021-2ef35beebf
- FEDORA-2021-2ef35beebf
- FEDORA-2021-2b2dd1b5a7
- FEDORA-2021-2b2dd1b5a7
- GLSA-202208-02
- GLSA-202208-02
- https://security.netapp.com/advisory/ntap-20211210-0003/
- https://security.netapp.com/advisory/ntap-20211210-0003/
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
Published: 2021-11-08
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-41772
Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf
- https://groups.google.com/g/golang-announce/c/0fM21h43arc
- https://groups.google.com/g/golang-announce/c/0fM21h43arc
- FEDORA-2021-2ef35beebf
- FEDORA-2021-2ef35beebf
- FEDORA-2021-2b2dd1b5a7
- FEDORA-2021-2b2dd1b5a7
- GLSA-202208-02
- GLSA-202208-02
- https://security.netapp.com/advisory/ntap-20211210-0003/
- https://security.netapp.com/advisory/ntap-20211210-0003/
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html