Search for packages
| purl | pkg:alpm/archlinux/go@2:1.17.2-2 |
| Next non-vulnerable version | 2:1.17.3-1 |
| Latest non-vulnerable version | 2:1.24.3-1 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-kvq4-bw5a-aaam
Aliases: CVE-2021-41772 |
Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field. |
Affected by 0 other vulnerabilities. |
|
VCID-nphv-er38-aaae
Aliases: CVE-2021-41771 |
ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:47:02.530115+00:00 | Arch Linux Importer | Affected by | VCID-nphv-er38-aaae | https://security.archlinux.org/AVG-2527 | 36.0.0 |
| 2025-03-28T07:47:02.511317+00:00 | Arch Linux Importer | Affected by | VCID-kvq4-bw5a-aaam | https://security.archlinux.org/AVG-2527 | 36.0.0 |
| 2024-09-18T02:02:25.216442+00:00 | Arch Linux Importer | Affected by | VCID-nphv-er38-aaae | https://security.archlinux.org/AVG-2527 | 34.0.1 |
| 2024-09-18T02:02:25.194038+00:00 | Arch Linux Importer | Affected by | VCID-kvq4-bw5a-aaam | https://security.archlinux.org/AVG-2527 | 34.0.1 |
| 2024-01-03T22:28:26.441526+00:00 | Arch Linux Importer | Affected by | VCID-nphv-er38-aaae | https://security.archlinux.org/AVG-2527 | 34.0.0rc1 |
| 2024-01-03T22:28:26.417347+00:00 | Arch Linux Importer | Affected by | VCID-kvq4-bw5a-aaam | https://security.archlinux.org/AVG-2527 | 34.0.0rc1 |