Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

61 – 62 of 62 results


CVE-2021-41772

Medium priority
Needs evaluation

Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field.

6 affected packages

golang-1.11, golang-1.15, golang-1.16, golang-1.17, golang-1.7, golang-1.8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-1.11 Ignored
golang-1.15 Ignored
golang-1.16 Not in release Not in release Needs evaluation Needs evaluation Ignored
golang-1.17 Not in release Needs evaluation Ignored
golang-1.7 Ignored
golang-1.8 Needs evaluation Ignored
Show less packages

CVE-2021-41771

Low priority
Needs evaluation

ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.

6 affected packages

golang-1.11, golang-1.15, golang-1.16, golang-1.17, golang-1.7, golang-1.8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-1.11 Ignored
golang-1.15 Ignored
golang-1.16 Not in release Not in release Needs evaluation Needs evaluation Ignored
golang-1.17 Not in release Needs evaluation Ignored
golang-1.7 Ignored
golang-1.8 Needs evaluation Ignored
Show less packages