Search CVE reports
61 – 63 of 63 results
CVE-2021-44716
Medium prioritySome fixes available 5 of 21
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.
8 affected packages
golang-1.11, golang-1.15, golang-1.17, golang-1.7, golang-1.8...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-1.11 | Not in release | Not in release | Not in release | Not in release | Ignored |
golang-1.15 | — | — | Not in release | Not in release | Ignored |
golang-1.17 | Not in release | Vulnerable | Not in release | Not in release | Ignored |
golang-1.7 | Not in release | Not in release | Not in release | Not in release | Ignored |
golang-1.8 | Not in release | Not in release | Not in release | Vulnerable | Ignored |
golang-golang-x-net | Not affected | Not affected | Not in release | Not in release | Not in release |
golang-golang-x-net-dev | Not in release | Not in release | Vulnerable | Vulnerable | Needs evaluation |
google-guest-agent | Fixed | Fixed | Fixed | Vulnerable | Vulnerable |
CVE-2021-41772
Medium priorityGo before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field.
6 affected packages
golang-1.11, golang-1.15, golang-1.16, golang-1.17, golang-1.7, golang-1.8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-1.11 | — | — | — | — | Ignored |
golang-1.15 | — | — | — | — | Ignored |
golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation | Ignored |
golang-1.17 | Not in release | Needs evaluation | — | — | Ignored |
golang-1.7 | — | — | — | — | Ignored |
golang-1.8 | — | — | — | Needs evaluation | Ignored |
CVE-2021-41771
Low priorityImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.
6 affected packages
golang-1.11, golang-1.15, golang-1.16, golang-1.17, golang-1.7, golang-1.8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-1.11 | — | — | — | — | Ignored |
golang-1.15 | — | — | — | — | Ignored |
golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation | Ignored |
golang-1.17 | Not in release | Needs evaluation | — | — | Ignored |
golang-1.7 | — | — | — | — | Ignored |
golang-1.8 | — | — | — | Needs evaluation | Ignored |