Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-14642

Malware in sbrugna...

5.5CVSS6.4AI score0.01517EPSS
Exploits0References7
OSV
OSV
added 2024/03/06 11:6 a.m.30 views

BIT-GOLANG-2021-27919

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service panic upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

5.5CVSS6AI score0.01517EPSS
Exploits0References5
OSV
OSV
added 2024/03/06 11:3 a.m.32 views

BIT-GOLANG-2021-41772

Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field...

7.5CVSS7.5AI score0.03051EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.4 views

SUSE CVE-2021-27919

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service panic upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

5.5CVSS7.9AI score0.01517EPSS
Exploits0References5
OSV
OSV
added 2021/11/08 6:15 a.m.30 views

CVE-2021-41772

Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field...

7.5CVSS6.5AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2021/11/08 12:0 a.m.40 views

CVE-2021-41772

Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field...

7.5CVSS7.1AI score0.03051EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2021/11/08 12:0 a.m.43 views

CVE-2021-41772

Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field...

7.5CVSS8.4AI score0.03051EPSS
Exploits0
Debian CVE
Debian CVE
added 2021/03/11 12:0 a.m.32 views

CVE-2021-27919

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service panic upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

5.5CVSS6.3AI score0.01517EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/03/11 12:0 a.m.61 views

CVE-2021-27919

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service panic upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

5.5CVSS6.3AI score0.01517EPSS
Exploits0
CNVD
CNVD
added 2021/03/11 12:0 a.m.8 views

Go Denial of Service Vulnerability (CNVD-2021-19693)

Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google. The archive/zip in Go is not working when attempting to use Reader.zip on zip archive files with filenames starting with . / begins with a ZIP archive file using the Reader.Open A...

5.5CVSS6.4AI score0.01517EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2021/03/05 12:0 a.m.49 views

go -- encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader; archive/zip: panic when calling Reader.Open

The Go project reports: The Decode, DecodeElement, and Skip methods of an xml.Decoder provided by xml.NewTokenDecoder may enter an infinite loop when operating on a custom xml.TokenReader which returns an EOF in the middle of an open XML element. The Reader.Open API, new in Go 1.16, will panic wh...

6.7AI score
Exploits0References2
Rows per page
Query Builder