CVE-2021-33195

SOURCE - nist

Summary

Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format.

EPSS Score⁠: 0.00502 (0.763)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-74⁠

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

SOURCE - redhat

CWE-20⁠

Improper Input Validation

Sources (19)

Impacted images

nist

CREATED

3 years ago

UPDATED

2 years ago

SOURCE IDCVE-2021-33195⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-74⁠

CVSS SCORE

7.3high

alpine

CREATED

3 years ago

UPDATED

1 month ago

SOURCE IDCVE-2021-33195⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

debian

CREATED

3 years ago

UPDATED

8 months ago

SOURCE IDCVE-2021-33195⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

ubuntu

CREATED

3 years ago

UPDATED

27 days ago

SOURCE IDCVE-2021-33195⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.3medium

golang

CREATED

2 years ago

UPDATED

11 months ago

SOURCE IDGO-2021-0239⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

alma

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDALSA-2022:8008⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

alma

CREATED

2 years ago

UPDATED

2 years ago

SOURCE IDALSA-2021:4226⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

alma

CREATED

2 years ago

UPDATED

2 years ago

SOURCE IDALSA-2021:4156⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

amazon

CREATED

2 years ago

UPDATED

2 years ago

SOURCE IDALAS-2022-1830⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

2 years ago

UPDATED

5 months ago

SOURCE IDALAS-2022-1635⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

bitnami

CREATED

8 months ago

UPDATED

8 months ago

SOURCE ID

BIT-2021-33195

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

bitnami

CREATED

2 months ago

UPDATED

2 months ago

SOURCE ID

BIT-golang-2021-33195

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

redhat

CREATED

3 years ago

UPDATED

10 months ago

SOURCE IDCVE-2021-33195⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-20⁠

CVSS SCORE

7.5medium

rocky

CREATED

2 years ago

UPDATED

10 months ago

SOURCE IDRLSA-2021:4156⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

rocky

CREATED

2 years ago

UPDATED

10 months ago

SOURCE IDRLSA-2021:4226⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

suse

CREATED

3 years ago

UPDATED

8 months ago

SOURCE IDCVE-2021-33195⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.1medium

oracle

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDELSA-2022-8008⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

oracle

CREATED

2 years ago

UPDATED

2 years ago

SOURCE IDELSA-2021-4226⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

inthewild

CREATED

10 months ago

UPDATED

10 months ago

SOURCE IDCVE-2021-33195⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE