Search for packages
| purl | pkg:alpm/archlinux/go@2:1.16.5-1 |
| Next non-vulnerable version | 2:1.17-1 |
| Latest non-vulnerable version | 2:1.24.3-1 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-gfdc-2q2q-aaak
Aliases: CVE-2021-34558 |
The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-2ps9-t61s-aaan | In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a crafted file count (in an archive's header) can cause a NewReader or OpenReader panic. |
CVE-2021-33196
|
| VCID-b1t1-32t4-aaaf | Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format. |
CVE-2021-33195
|
| VCID-qggy-g6kz-aaaj | In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method. |
CVE-2021-33198
|
| VCID-tdq5-pwwt-aaan | In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy (from net/http/httputil) result in a situation where an attacker is able to drop arbitrary headers. |
CVE-2021-33197
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:47:03.577754+00:00 | Arch Linux Importer | Affected by | VCID-gfdc-2q2q-aaak | https://security.archlinux.org/AVG-2147 | 36.0.0 |
| 2025-03-28T07:46:34.475328+00:00 | Arch Linux Importer | Fixing | VCID-b1t1-32t4-aaaf | https://security.archlinux.org/AVG-2006 | 36.0.0 |
| 2025-03-28T07:46:34.456216+00:00 | Arch Linux Importer | Fixing | VCID-2ps9-t61s-aaan | https://security.archlinux.org/AVG-2006 | 36.0.0 |
| 2025-03-28T07:46:34.437130+00:00 | Arch Linux Importer | Fixing | VCID-tdq5-pwwt-aaan | https://security.archlinux.org/AVG-2006 | 36.0.0 |
| 2025-03-28T07:46:34.418043+00:00 | Arch Linux Importer | Fixing | VCID-qggy-g6kz-aaaj | https://security.archlinux.org/AVG-2006 | 36.0.0 |
| 2024-09-18T02:02:26.572967+00:00 | Arch Linux Importer | Affected by | VCID-gfdc-2q2q-aaak | https://security.archlinux.org/AVG-2147 | 34.0.1 |
| 2024-09-18T02:01:53.343124+00:00 | Arch Linux Importer | Fixing | VCID-b1t1-32t4-aaaf | https://security.archlinux.org/AVG-2006 | 34.0.1 |
| 2024-09-18T02:01:53.314986+00:00 | Arch Linux Importer | Fixing | VCID-2ps9-t61s-aaan | https://security.archlinux.org/AVG-2006 | 34.0.1 |
| 2024-09-18T02:01:53.286245+00:00 | Arch Linux Importer | Fixing | VCID-tdq5-pwwt-aaan | https://security.archlinux.org/AVG-2006 | 34.0.1 |
| 2024-09-18T02:01:53.251670+00:00 | Arch Linux Importer | Fixing | VCID-qggy-g6kz-aaaj | https://security.archlinux.org/AVG-2006 | 34.0.1 |
| 2024-01-03T22:28:27.658674+00:00 | Arch Linux Importer | Affected by | VCID-gfdc-2q2q-aaak | https://security.archlinux.org/AVG-2147 | 34.0.0rc1 |
| 2024-01-03T22:27:57.788780+00:00 | Arch Linux Importer | Fixing | VCID-b1t1-32t4-aaaf | https://security.archlinux.org/AVG-2006 | 34.0.0rc1 |
| 2024-01-03T22:27:57.761768+00:00 | Arch Linux Importer | Fixing | VCID-2ps9-t61s-aaan | https://security.archlinux.org/AVG-2006 | 34.0.0rc1 |
| 2024-01-03T22:27:57.735296+00:00 | Arch Linux Importer | Fixing | VCID-tdq5-pwwt-aaan | https://security.archlinux.org/AVG-2006 | 34.0.0rc1 |
| 2024-01-03T22:27:57.707951+00:00 | Arch Linux Importer | Fixing | VCID-qggy-g6kz-aaaj | https://security.archlinux.org/AVG-2006 | 34.0.0rc1 |