VulnerableCode Package Details - pkg:alpm/archlinux/go@2:1.16.1-1

Search for packages

Package details: pkg:alpm/archlinux/go@2:1.16.1-1

Essentials
History (6)

purl	pkg:alpm/archlinux/go@2:1.16.1-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-gk52-c5p2-aaam	encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.	CVE-2021-27918
VCID-mqr4-3cbw-aaag	archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename.	CVE-2021-27919

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:47:04.799300+00:00	Arch Linux Importer	Fixing	VCID-gk52-c5p2-aaam	https://security.archlinux.org/AVG-1668	36.0.0
2025-03-28T07:47:04.780469+00:00	Arch Linux Importer	Fixing	VCID-mqr4-3cbw-aaag	https://security.archlinux.org/AVG-1668	36.0.0
2024-09-18T02:02:28.202495+00:00	Arch Linux Importer	Fixing	VCID-gk52-c5p2-aaam	https://security.archlinux.org/AVG-1668	34.0.1
2024-09-18T02:02:28.176023+00:00	Arch Linux Importer	Fixing	VCID-mqr4-3cbw-aaag	https://security.archlinux.org/AVG-1668	34.0.1
2024-01-03T22:28:29.065720+00:00	Arch Linux Importer	Fixing	VCID-gk52-c5p2-aaam	https://security.archlinux.org/AVG-1668	34.0.0rc1
2024-01-03T22:28:29.041476+00:00	Arch Linux Importer	Fixing	VCID-mqr4-3cbw-aaag	https://security.archlinux.org/AVG-1668	34.0.0rc1