AVG-1668 log

Package go
Status Fixed
Severity Low
Type denial of service
Affected 2:1.16-1
Fixed 2:1.16.1-1
Current 2:1.22.1-1 [extra]
Ticket None
Created Wed Mar 10 16:43:57 2021
Issue Severity Remote Type Description
CVE-2021-27919 Low No Denial of service
archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in...
CVE-2021-27918 Low No Denial of service
encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle...