Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format.

CPENameOperatorVersion
goge1.16.0
golt1.16.5
golt1.15.13

Name	Operator	Version
go	ge	1.16.0
go	lt	1.16.5
go	lt	1.15.13

References

groups.google.com/g/golang-announce

groups.google.com/g/golang-announce/c/RgCMkAEQjSI

security.gentoo.org/glsa/202208-02

security.netapp.com/advisory/ntap-20210902-0005/

cvelist 1

osv 8

redhatcve 1

debiancve 1

nvd 1

ibm 14

alpinelinux 1

ubuntucve 1

cve 1

veracode 1

nessus 38

redhat 28

openvas 9

freebsd 1

archlinux 1

suse 3

altlinux 2

rocky 2

almalinux 3

oraclelinux 2

photon 3

mageia 1

amazon 2

gentoo 1

cvelist

CVE-2021-33195

2021-08-02 18:51:34

osv

BIT-golang-2021-33195

2024-03-06 11:05:14

CVE-2021-33195

2021-08-02 19:15:08

Improper sanitization when resolving values from DNS in net

2022-02-17 17:33:35

redhatcve

CVE-2021-33195

2021-08-03 13:28:26

debiancve

CVE-2021-33195

2021-08-02 19:15:08

nvd

CVE-2021-33195

2021-08-02 19:15:08

ibm

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Golang (CVE-2021-33195)

2022-04-22 16:04:09

Security Bulletin: IBM App Connect Enterprise Certified Container could allow a remote attacker to execute arbitrary code due to CVE-2021-33195

2021-08-03 15:36:06

Security Bulletin: Vulnerabilities in Golang Go may affect IBM Spectrum Protect Server (CVE-2021-33195, CVE-2021-33197, CVE-2021-36221)

2021-12-10 15:45:35

alpinelinux

CVE-2021-33195

2021-08-02 19:15:08

ubuntucve

CVE-2021-33195

2021-08-02 00:00:00

cve

CVE-2021-33195

2021-08-02 19:15:08

veracode

Arbitrary Values

2021-06-05 21:59:57

nessus

RHEL 7 / 8 : OpenShift Virtualization 2.6.10 RPMs (RHSA-2022:1402)

2024-04-28 00:00:00

RHEL 7 : go-toolset-1.15-golang (RHSA-2021:3431)

2021-09-07 00:00:00

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2021:4156)

2023-11-06 00:00:00

redhat

(RHSA-2021:3431) Moderate: go-toolset-1.15-golang security update

2021-09-07 08:12:15

(RHSA-2022:1402) Moderate: OpenShift Virtualization 2.6.10 RPMs security and bug fix update

2022-04-19 13:18:33

(RHSA-2021:3009) Moderate: OpenShift Container Platform 4.6.42 security update

2021-08-12 00:25:04

openvas

SUSE: Security Advisory (SUSE-SU-2021:2186-1)

2021-06-29 00:00:00

openSUSE: Security Advisory for go1.16 (openSUSE-SU-2021:2186-1)

2021-06-29 00:00:00

openSUSE: Security Advisory for go1.15 (openSUSE-SU-2021:2214-1)

2021-07-01 00:00:00

freebsd

go -- multiple vulnerabilities

2021-05-01 00:00:00

archlinux

[ASA-202106-42] go: multiple issues

2021-06-15 00:00:00

suse

Security update for go1.15 (important)

2021-07-01 00:00:00

Security update for go1.16 (important)

2021-06-28 00:00:00

Security update for go1.15 (important)

2021-06-30 00:00:00

altlinux

Security fix for the ALT Linux 9 package golang version 1.15.13-alt1

2021-06-07 00:00:00

Security fix for the ALT Linux 10 package golang version 1.16.5-alt1

2021-06-05 00:00:00

rocky

go-toolset:rhel8 security, bug fix, and enhancement update

2021-11-09 08:25:49

grafana security, bug fix, and enhancement update

2021-11-09 08:46:47

almalinux

Moderate: go-toolset:rhel8 security, bug fix, and enhancement update

2021-11-09 08:25:49

Moderate: grafana security, bug fix, and enhancement update

2021-11-09 08:46:47

Moderate: buildah security and bug fix update

2022-11-15 00:00:00

oraclelinux

grafana security, bug fix, and enhancement update

2021-11-16 00:00:00

buildah security and bug fix update

2022-11-22 00:00:00

photon

Important Photon OS Security Update - PHSA-2021-0294

2021-09-02 00:00:00

Important Photon OS Security Update - PHSA-2021-3.0-0294

2021-09-02 00:00:00

Critical Photon OS Security Update - PHSA-2022-0476

2022-03-03 00:00:00

mageia

Updated golang packages fix security vulnerabilities

2021-07-25 11:34:17

amazon

Important: golang

2022-07-28 21:55:00

Important: golang

2022-09-15 03:57:00

gentoo

Go: Multiple Vulnerabilities

2022-08-04 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.3 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.6%

JSON

Related for PRION:CVE-2021-33195