CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2021-33196 – golang: archive/zip: malformed archive may cause panic or memory exhaustion
https://notcve.org/view.php?id=CVE-2021-33196
In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a crafted file count (in an archive's header) can cause a NewReader or OpenReader panic. En archive/zip en Go versiones anteriores a 1.15.13 y versiones 1.16.x anteriores a 1.16.5, un recuento de archivos crafteado (en la cabecera de un archivo) puede causar un pánico en NewReader u OpenReader. A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. • https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html https://security.gentoo.org/glsa/202208-02 https://access.redhat.com/security/cve/CVE-2021-33196 https://bugzilla.redhat.com/show_bug.cgi?id=1965503 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2021-31525 – golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header
https://notcve.org/view.php?id=CVE-2021-31525
net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations. net/http en Go versiones anteriores a 1.15.12 y versiones 1.16.x anteriores a 1.16.4, permite a atacantes remotos causar una denegación de servicio (pánico) por medio de un encabezado grande en los parámetros ReadRequest o ReadResponse. El Servidor, el Transporte y el Cliente pueden estar afectados en algunas configuraciones A vulnerability was detected in net/http of the Go standard library when parsing very large HTTP header values, causing a crash and subsequent denial of service. This vulnerability affects both clients and servers written in Go, however, servers are only vulnerable if the value of MaxHeaderBytes has been increased from the default. • https://github.com/golang/go/issues/45710 https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ISRZZ6NY5R2TBYE72KZFOCO25TEUQTBF https://security.gentoo.org/glsa/202208-02 https://access.redhat.com/security/cve/CVE-2021-31525 https://bugzilla.redhat.com/show_bug.cgi?id=1958341 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-33194 – golang: x/net/html: infinite loop in ParseFragment
https://notcve.org/view.php?id=CVE-2021-33194
golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input. golang.org/x/net antes de v0.0.0-20210520170846-37e1c6afe023 permite a los atacantes provocar una denegación de servicio (bucle infinito) a través de una entrada ParseFragment manipulada A flaw was found in golang. An attacker can craft an input to ParseFragment within parse.go that would cause it to enter an infinite loop and never return. The greatest threat to the system is of availability. • https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7 https://groups.google.com/g/golang-announce/c/wPunbCPkWUg https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM https://access.redhat.com/security/cve/CVE-2021-33194 https://bugzilla.redhat.com/show_bug.cgi?id=1963232 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-27919
https://notcve.org/view.php?id=CVE-2021-27919
archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename. archive/zip en Go versiones 1.16.x anteriores a 1.16.1, permite a atacantes causar una denegación de servicio (pánico) al intentar usar la API Reader.Open para un archivo ZIP en el que ../ aparece al principio de cualquier nombre de archivo • https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MU47VKTNXX33ZDLTI2ORRUY3KLJKU6G https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HM7U5JNS5WU66Q3S26PFIU2ITB2ATTQ4 https://security.gentoo.org/glsa/202208-02 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27918 – golang: encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader
https://notcve.org/view.php?id=CVE-2021-27918
encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method. encoding/xml en Go versiones anteriores a 1.15.9 y versiones 1.16.x anteriores a 1.16.1, presenta un bucle infinito si un TokenReader personalizado (para xml.NewTokenDecoder) devuelve EOF en medio de un elemento. Esto puede ocurrir en el método Decode, DecodeElement o Skip An infinite loop vulnerability was found in golang. If an application defines a custom token parser initializing with `xml.NewTokenDecoder` it is possible for the parsing loop to never return. An attacker could potentially craft a malicious XML document which has an XML element with `EOF` within it, causing the parsing application to endlessly loop, resulting in a Denial of Service (DoS). • https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw https://security.gentoo.org/glsa/202208-02 https://access.redhat.com/security/cve/CVE-2021-27918 https://bugzilla.redhat.com/show_bug.cgi?id=1937901 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •