Search for packages
| purl | pkg:alpm/archlinux/go@2:1.16-1 |
| Next non-vulnerable version | 2:1.16.1-1 |
| Latest non-vulnerable version | 2:1.24.3-1 |
| Risk | 3.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-gk52-c5p2-aaam
Aliases: CVE-2021-27918 |
encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method. |
Affected by 0 other vulnerabilities. |
|
VCID-mqr4-3cbw-aaag
Aliases: CVE-2021-27919 |
archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:47:04.794230+00:00 | Arch Linux Importer | Affected by | VCID-gk52-c5p2-aaam | https://security.archlinux.org/AVG-1668 | 36.0.0 |
| 2025-03-28T07:47:04.775333+00:00 | Arch Linux Importer | Affected by | VCID-mqr4-3cbw-aaag | https://security.archlinux.org/AVG-1668 | 36.0.0 |
| 2024-09-18T02:02:28.197621+00:00 | Arch Linux Importer | Affected by | VCID-gk52-c5p2-aaam | https://security.archlinux.org/AVG-1668 | 34.0.1 |
| 2024-09-18T02:02:28.170982+00:00 | Arch Linux Importer | Affected by | VCID-mqr4-3cbw-aaag | https://security.archlinux.org/AVG-1668 | 34.0.1 |
| 2024-01-03T22:28:29.060976+00:00 | Arch Linux Importer | Affected by | VCID-gk52-c5p2-aaam | https://security.archlinux.org/AVG-1668 | 34.0.0rc1 |
| 2024-01-03T22:28:29.036779+00:00 | Arch Linux Importer | Affected by | VCID-mqr4-3cbw-aaag | https://security.archlinux.org/AVG-1668 | 34.0.0rc1 |