Search CVE reports

Toggle filters

91 – 93 of 93 results

CVE-2021-44716

Medium priority

Some fixes available 7 of 23

net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.

8 affected packages

golang-1.11, golang-1.17, golang-1.7, golang-1.8, golang-golang-x-net...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-1.11 Not in release Not in release Not in release Not in release
golang-1.17 Not in release Vulnerable Not in release Not in release
golang-1.7 Not in release Not in release Not in release Not in release
golang-1.8 Not in release Not in release Not in release Vulnerable
golang-golang-x-net Not affected Not affected Not in release Not in release
golang-golang-x-net-dev Not in release Not in release Vulnerable Vulnerable
google-guest-agent Fixed Fixed Fixed Vulnerable
golang-1.15 Not in release Not in release
Show all 8 packages Show less packages

CVE-2021-41772

Medium priority
Needs evaluation

Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field.

6 affected packages

golang-1.11, golang-1.15, golang-1.16, golang-1.17, golang-1.7, golang-1.8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-1.11
golang-1.15
golang-1.16 Not in release Not in release Needs evaluation Needs evaluation
golang-1.17 Not in release Needs evaluation
golang-1.7
golang-1.8 Needs evaluation
Show less packages

CVE-2021-41771

Low priority
Needs evaluation

ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.

6 affected packages

golang-1.15, golang-1.16, golang-1.17, golang-1.7, golang-1.8, golang-1.11

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-1.15
golang-1.16 Not in release Not in release Needs evaluation Needs evaluation
golang-1.17 Not in release Needs evaluation
golang-1.7
golang-1.8 Needs evaluation
golang-1.11
Show less packages
  1. Previous page
  2. 6
  3. 7
  4. 8
  5. 9
  6. 10
  7. Next page
Export to JSON