CVE-2021-39293

SOURCE - nist

Summary

In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.

EPSS Score⁠: 0.00114 (0.447)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-770⁠

Allocation of Resources Without Limits or Throttling

SOURCE - redhat

CWE-400⁠

Uncontrolled Resource Consumption

Sources (16)

Impacted images

nist

CREATED

2 years ago

UPDATED

1 year ago

SOURCE IDCVE-2021-39293⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

7.5high

alpine

CREATED

2 years ago

UPDATED

1 month ago

SOURCE IDCVE-2021-39293⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

debian

CREATED

2 years ago

UPDATED

8 months ago

SOURCE IDCVE-2021-39293⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

ubuntu

CREATED

2 years ago

UPDATED

26 days ago

SOURCE IDCVE-2021-39293⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

golang

CREATED

2 years ago

UPDATED

11 months ago

SOURCE IDGO-2022-0273⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

alma

CREATED

2 years ago

UPDATED

2 years ago

SOURCE IDALSA-2022:1819⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

amazon

CREATED

2 years ago

UPDATED

2 years ago

SOURCE IDALAS-2022-1776⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

2 years ago

UPDATED

2 years ago

SOURCE IDALAS-2022-1811⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

2 years ago

UPDATED

2 years ago

SOURCE IDALAS-2022-1830⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

amazon

CREATED

2 years ago

UPDATED

5 months ago

SOURCE IDALAS-2022-1635⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

bitnami

CREATED

8 months ago

UPDATED

8 months ago

SOURCE ID

BIT-2021-39293

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

bitnami

CREATED

2 months ago

UPDATED

2 months ago

SOURCE ID

BIT-golang-2021-39293

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

redhat

CREATED

3 years ago

UPDATED

10 months ago

SOURCE IDCVE-2021-39293⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-400⁠

CVSS SCORE

7.5medium

rocky

CREATED

2 years ago

UPDATED

10 months ago

SOURCE IDRLSA-2022:1819⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

suse

CREATED

2 years ago

UPDATED

8 months ago

SOURCE IDCVE-2021-39293⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5high

oracle

CREATED

2 years ago

UPDATED

2 years ago

SOURCE IDELSA-2022-1819⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium