Related Vulnerabilities: CVE-2021-27918  

Severity: Low

Remote: No

Type: Denial of service

Description

A security issue was found in Go before versions 1.16.1 and 1.15.9. The Decode, DecodeElement, and Skip methods of an xml.Decoder provided by xml.NewTokenDecoder may enter an infinite loop when operating on a custom xml.TokenReader which returns an EOF in the middle of an open XML element.

Group: AVG-1668, Package: go, Affected: 2:1.16-1, Fixed: 2:1.16.1-1, Severity: Low, Status: Fixed

https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw
https://github.com/golang/go/issues/44913
https://github.com/golang/go/commit/d86e53e896eca907ad67300c0bb495e3dd925358