CVE-2021-27918

SOURCE - nist

Summary

encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.

EPSS Score⁠: 0.00094 (0.395)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-835⁠

Loop with Unreachable Exit Condition ('Infinite Loop')

SOURCE - redhat

CWE-835⁠

Loop with Unreachable Exit Condition ('Infinite Loop')

Sources (15)

Impacted images

nist

CREATED

3 years ago

UPDATED

1 year ago

SOURCE IDCVE-2021-27918⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-835⁠

CVSS SCORE

7.5high

alpine

CREATED

3 years ago

UPDATED

1 month ago

SOURCE IDCVE-2021-27918⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

debian

CREATED

3 years ago

UPDATED

8 months ago

SOURCE IDCVE-2021-27918⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

ubuntu

CREATED

3 years ago

UPDATED

26 days ago

SOURCE IDCVE-2021-27918⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

golang

CREATED

2 years ago

UPDATED

11 months ago

SOURCE IDGO-2021-0234⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

amazon

CREATED

2 years ago

UPDATED

2 years ago

SOURCE IDALAS-2022-1830⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

2 years ago

UPDATED

5 months ago

SOURCE IDALAS-2022-1635⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

bitnami

CREATED

8 months ago

UPDATED

8 months ago

SOURCE ID

BIT-2021-27918

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

bitnami

CREATED

2 months ago

UPDATED

2 months ago

SOURCE ID

BIT-golang-2021-27918

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

redhat

CREATED

3 years ago

UPDATED

10 months ago

SOURCE IDCVE-2021-27918⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-835⁠

CVSS SCORE

7.5medium

rocky

CREATED

3 years ago

UPDATED

10 months ago

SOURCE IDRLSA-2021:3076⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

suse

CREATED

3 years ago

UPDATED

8 months ago

SOURCE IDCVE-2021-27918⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5high

oracle

CREATED

3 years ago

UPDATED

3 years ago

SOURCE IDELSA-2021-3076⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

oracle

CREATED

3 years ago

UPDATED

3 years ago

SOURCE IDELSA-2021-9267⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

oracle

CREATED

3 years ago

UPDATED

3 years ago

SOURCE IDELSA-2021-9268⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh