rpm package
almalinux/golang-misc
pkg:rpm/almalinux/golang-misc
Vulnerabilities (63)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-41771 | — | < 1.17.7-1.module_el8.6.0+2736+ec10aba8 | 1.17.7-1.module_el8.6.0+2736+ec10aba8 | Nov 8, 2021 | ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation. | ||
| CVE-2021-38297 | — | < 1.17.7-1.module_el8.6.0+2736+ec10aba8 | 1.17.7-1.module_el8.6.0+2736+ec10aba8 | Oct 18, 2021 | Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used. | ||
| CVE-2021-33196 | — | < 1.17.7-1.module_el8.6.0+2736+ec10aba8 | 1.17.7-1.module_el8.6.0+2736+ec10aba8 | Aug 2, 2021 | In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a crafted file count (in an archive's header) can cause a NewReader or OpenReader panic. |
- CVE-2021-41771Nov 8, 2021affected < 1.17.7-1.module_el8.6.0+2736+ec10aba8fixed 1.17.7-1.module_el8.6.0+2736+ec10aba8
ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.
- CVE-2021-38297Oct 18, 2021affected < 1.17.7-1.module_el8.6.0+2736+ec10aba8fixed 1.17.7-1.module_el8.6.0+2736+ec10aba8
Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.
- CVE-2021-33196Aug 2, 2021affected < 1.17.7-1.module_el8.6.0+2736+ec10aba8fixed 1.17.7-1.module_el8.6.0+2736+ec10aba8
In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a crafted file count (in an archive's header) can cause a NewReader or OpenReader panic.
Page 4 of 4