Lucene search
Veracode Vulnerability DatabaseVERACODE:32446HistoryOct 11, 2021 - 4:53 a.m.
Denial Of Service (DoS)
2021-10-1104:53:12
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20
golang
vulnerability
denial of service
data overwrite
wasm
functions
software
EPSS
0.005
Percentile
76.8%
golang is vulnerable to denial of service. The vulnerability exists due to a data overwrite when invoking functions from WASM modules, built using GOARCH=wasm GOOS=js, passing very large arguments.
References
groups.google.com/forum/#!forum/golang-announce
groups.google.com/g/golang-announce/c/AEBu9j7yj5A
lists.fedoraproject.org/archives/list/[email protected]/message/4OFS3M3OFB24SWPTIAPARKGPUMQVUY6Z/
lists.fedoraproject.org/archives/list/[email protected]/message/ON7BQRRJZBOR5TJHURBAB3WLF4YXFC6Z/
security-tracker.debian.org/tracker/CVE-2021-38297
security.gentoo.org/glsa/202208-02
security.netapp.com/advisory/ntap-20211118-0006/
Related
openvas
openvas
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-1166)
2022-02-24 00:00:00
openSUSE: Security Advisory for go1.16 (openSUSE-SU-2021:3487-1)
2021-10-21 00:00:00
openSUSE: Security Advisory for go1.17 (openSUSE-SU-2021:3488-1)
2021-10-21 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-38297 affecting package golang for versions less than 1.17.8-1
2022-04-26 19:57:46
CVE-2021-38297 affecting package golang 1.16.7-1
2021-11-06 00:29:54
alpinelinux
alpinelinux
CVE-2021-38297
2021-10-18 06:15:06
osv
osv
Buffer overflow in WASM modules in misc/wasm and cmd/link
2022-05-24 20:14:28
go1.17-1.17.2-1.1 on GA media
2024-06-15 00:00:00
google-osconfig-agent-20230222.00-2.1 on GA media
2024-06-15 00:00:00
nessus
nessus
prion
prion
Buffer overflow
2021-10-18 06:15:00
altlinux
altlinux
Security fix for the ALT Linux 10 package golang version 1.17.2-alt1
2021-10-11 00:00:00
suse
suse
Security update for go1.17 (moderate)
2021-10-20 00:00:00
Security update for go1.16 (moderate)
2021-10-20 00:00:00
Security update for go1.16 (moderate)
2021-10-31 00:00:00
nvd
nvd
CVE-2021-38297
2021-10-18 06:15:06
githubexploit
githubexploit
Exploit for Classic Buffer Overflow in Golang Go
2023-11-15 20:52:36
Exploit for Classic Buffer Overflow in Golang Go
2024-04-04 01:17:05
ibm
ibm
cnvd
cnvd
Google Go buffer error vulnerability
2021-10-24 00:00:00
ubuntucve
ubuntucve
CVE-2021-38297
2021-10-18 00:00:00
debiancve
debiancve
CVE-2021-38297
2021-10-18 06:15:06
redhatcve
redhatcve
CVE-2021-38297
2021-10-11 14:49:54
freebsd
freebsd
cvelist
cvelist
CVE-2021-38297
2021-10-18 00:00:00
cve
cve
CVE-2021-38297
2021-10-18 06:15:06
photon
photon
Critical Photon OS Security Update - PHSA-2021-3.0-0321
2021-10-29 00:00:00
Critical Photon OS Security Update - PHSA-2021-0130
2021-11-29 00:00:00
Critical Photon OS Security Update - PHSA-2021-4.0-0130
2021-11-28 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: golang-1.16.11-1.fc35
2021-12-16 01:18:21
[SECURITY] Fedora 34 Update: golang-1.16.11-1.fc34
2021-12-16 01:14:10
mageia
mageia
Updated golang packages fix security vulnerability
2021-10-13 22:39:52
redhat
redhat
(RHSA-2022:0432) Moderate: Release of OpenShift Serverless Client kn 1.20.0
2022-02-03 15:51:33
(RHSA-2022:1819) Moderate: go-toolset:rhel8 security and bug fix update
2022-05-10 06:29:31
(RHSA-2022:0434) Moderate: Release of OpenShift Serverless 1.20.0
2022-02-03 17:07:25
amazon
amazon
Important: golang
2022-04-25 15:59:00
Important: golang
2022-07-06 03:11:00
Important: golang
2022-04-25 03:47:00
oraclelinux
oraclelinux
go-toolset:ol8 security and bug fix update
2022-05-17 00:00:00
rocky
rocky
go-toolset:rhel8 security and bug fix update
2022-05-10 06:29:31
almalinux
almalinux
Moderate: go-toolset:rhel8 security and bug fix update
2022-05-10 06:29:31
debian
debian
[SECURITY] [DLA 3395-1] golang-1.11 security update
2023-04-19 21:42:48
gentoo
gentoo
Go: Multiple Vulnerabilities
2022-08-04 00:00:00