5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
28.6%
archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial
of service (panic) upon attempted use of the Reader.Open API for a ZIP
archive in which โฆ/ occurs at the beginning of any filename.
Author | Note |
---|---|
mdeslaur | Packages built using golang need to be rebuilt once the vulnerability has been fixed. This CVE entry does not list packages that need rebuilding outside of the main repository or the Ubuntu variants with PPA overlays. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | golang-1.10 | <ย any | UNKNOWN |
ubuntu | 14.04 | noarch | golang-1.10 | <ย any | UNKNOWN |
ubuntu | 16.04 | noarch | golang-1.10 | <ย any | UNKNOWN |
ubuntu | 18.04 | noarch | golang-1.13 | <ย any | UNKNOWN |
ubuntu | 20.04 | noarch | golang-1.13 | <ย any | UNKNOWN |
ubuntu | 22.04 | noarch | golang-1.13 | <ย any | UNKNOWN |
ubuntu | 16.04 | noarch | golang-1.13 | <ย any | UNKNOWN |
ubuntu | 20.04 | noarch | golang-1.14 | <ย any | UNKNOWN |
ubuntu | 16.04 | noarch | golang-1.6 | <ย any | UNKNOWN |
ubuntu | 18.04 | noarch | golang-1.8 | <ย any | UNKNOWN |
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
28.6%