VYPR
High severityNVD Advisory· Published Dec 26, 2022· Updated Apr 14, 2025

CVE-2021-38561

CVE-2021-38561

Description

golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
golang.org/x/textGo
< 0.3.70.3.7

Affected products

24

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.