AVG-1668 log
| Package | go |
| Status | Fixed |
| Severity | Low |
| Type | denial of service |
| Affected | 2:1.16-1 |
| Fixed | 2:1.16.1-1 |
| Current | 2:1.25.4-1 [extra] |
| Ticket | None |
| Created | Wed Mar 10 16:43:57 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-27919 | Low | No | Denial of service | archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in... |
| CVE-2021-27918 | Low | No | Denial of service | encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle... |