VulnerableCode Package Details - pkg:rpm/redhat/kubevirt@4.9.0-287?arch=el8

Search for packages

Vulnerability	Summary	Fixed by
VCID-7ahs-f1qh-g7an Aliases: CVE-2021-3114	Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.	There are no reported fixed by versions.
VCID-cr7c-xuh8-guhy Aliases: CVE-2021-31525 GHSA-h86h-8ppg-mxmh	Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.	There are no reported fixed by versions.
VCID-dwge-3up7-yyaq Aliases: CVE-2020-16845 GHSA-q6gq-997w-f55g	Withdrawn Advisory: Infinite loop in xz ### Withdrawn Advisory This advisory has been withdrawn because alerts cannot be issued for the Go standard library at this time. ### Original Description Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.	There are no reported fixed by versions.
VCID-w9qm-pwnh-4ydj Aliases: CVE-2020-15586	golang: data race in certain net/http servers including ReverseProxy can lead to DoS	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-7ahs-f1qh-g7an
Aliases:
CVE-2021-3114

Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.

There are no reported fixed by versions.

VCID-cr7c-xuh8-guhy
Aliases:
CVE-2021-31525
GHSA-h86h-8ppg-mxmh

Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.

There are no reported fixed by versions.

VCID-dwge-3up7-yyaq
Aliases:
CVE-2020-16845
GHSA-q6gq-997w-f55g

Withdrawn Advisory: Infinite loop in xz ### Withdrawn Advisory This advisory has been withdrawn because alerts cannot be issued for the Go standard library at this time. ### Original Description Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.

There are no reported fixed by versions.

VCID-w9qm-pwnh-4ydj
Aliases:
CVE-2020-15586

golang: data race in certain net/http servers including ReverseProxy can lead to DoS

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:05:50.472398+00:00	RedHat Importer	Affected by	VCID-w9qm-pwnh-4ydj	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15586.json	38.0.0
2026-04-01T14:05:14.961053+00:00	RedHat Importer	Affected by	VCID-dwge-3up7-yyaq	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16845.json	38.0.0
2026-04-01T14:03:25.742593+00:00	RedHat Importer	Affected by	VCID-7ahs-f1qh-g7an	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3114.json	38.0.0
2026-04-01T14:02:25.686797+00:00	RedHat Importer	Affected by	VCID-cr7c-xuh8-guhy	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31525.json	38.0.0