Lucene search
K

7 matches found

OSV
OSV
added 2024/03/06 11:6 a.m.30 views

BIT-GOLANG-2021-27919

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service panic upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

5.5CVSS6AI score0.01517EPSS
Exploits0References5
OSV
OSV
added 2021/03/11 12:15 a.m.34 views

CVE-2021-27919

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service panic upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

5.5CVSS6.5AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/03/11 12:15 a.m.28 views

CVE-2021-27919

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service panic upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

5.5CVSS6.8AI score0.01517EPSS
Exploits0References2
Prion
Prion
added 2021/03/11 12:15 a.m.21 views

Design/Logic Flaw

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service panic upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

4.3CVSS5.4AI score0.01517EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2021/03/11 12:0 a.m.175 views

CVE-2021-27919

CVE-2021-27919 affects the Go standard library archive/zip: parsing ZIP archives where a filename begins with ../ can trigger a panic/denial of service in Go 1.16.x prior to 1.16.1 due to an unsafe Reader.Open path handling. Affected product: Go (archive/zip). Root cause: insufficient validation ...

5.5CVSS6AI score0.01517EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2021/03/11 12:0 a.m.32 views

CVE-2021-27919

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service panic upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

5.5CVSS6.3AI score0.01517EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/03/11 12:0 a.m.61 views

CVE-2021-27919

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service panic upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

5.5CVSS6.3AI score0.01517EPSS
Exploits0
Rows per page
Query Builder