VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-hscf-fc4z-aaaj

Essentials
Severities (143)
References (55)
Severity details (23)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-hscf-fc4z-aaaj
Aliases	CVE-2021-3121 GHSA-c3h9-896r-86jm
Summary	An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-129	Improper Validation of Array Index
CWE-20	Improper Input Validation

System	Score	Found at
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:5633
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:5634
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:5635
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:0799
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:1005
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:1006
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:1007
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:1225
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:1227
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:1552
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:1563
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:2121
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:2136
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:2286
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:2374
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:2437
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:2438
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:2920
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:2977
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:3259
rhas	Important	https://access.redhat.com/errata/RHSA-2021:3262
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:3303
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:3759
rhas	Moderate	https://access.redhat.com/errata/RHSA-2021:4104
rhas	Moderate	https://access.redhat.com/errata/RHSA-2022:0056
rhas	Moderate	https://access.redhat.com/errata/RHSA-2022:0283
rhas	Moderate	https://access.redhat.com/errata/RHSA-2022:0577
rhas	Important	https://access.redhat.com/errata/RHSA-2022:1276
rhas	Moderate	https://access.redhat.com/errata/RHSA-2022:1679
cvssv3	8.6	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3121.json
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00226	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00955	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00960	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00960	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00960	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00960	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00960	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00960	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.00989	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.01089	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.01089	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.01089	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.01303	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.01303	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.01303	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
epss	0.01303	https://api.first.org/data/v1/epss?cve=CVE-2021-3121
cvssv3.1	8.6	https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025
generic_textual	HIGH	https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025
cvssv3.1	7.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	8.6	https://github.com/gogo/protobuf
generic_textual	HIGH	https://github.com/gogo/protobuf
cvssv3.1	8.6	https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc
generic_textual	HIGH	https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc
cvssv3.1	8.6	https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2
generic_textual	HIGH	https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2
cvssv3.1	8.6	https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
generic_textual	HIGH	https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
cvssv3.1	8.6	https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E
generic_textual	HIGH	https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E
cvssv3.1	8.6	https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E
generic_textual	HIGH	https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E
cvssv2	7.5	https://nvd.nist.gov/vuln/detail/CVE-2021-3121
cvssv3	8.6	https://nvd.nist.gov/vuln/detail/CVE-2021-3121
cvssv3.1	8.6	https://nvd.nist.gov/vuln/detail/CVE-2021-3121
cvssv3.1	8.6	https://pkg.go.dev/vuln/GO-2021-0053
generic_textual	HIGH	https://pkg.go.dev/vuln/GO-2021-0053
cvssv3.1	8.6	https://security.netapp.com/advisory/ntap-20210219-0006
generic_textual	HIGH	https://security.netapp.com/advisory/ntap-20210219-0006

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3121.json
		https://api.first.org/data/v1/epss?cve=CVE-2021-3121
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121
		https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/gogo/protobuf
		https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc
		https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2
		https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E
		https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff%40%3Cnotifications.skywalking.apache.org%3E
		https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E
		https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e%40%3Ccommits.pulsar.apache.org%3E
		https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E
		https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44%40%3Ccommits.pulsar.apache.org%3E
		https://pkg.go.dev/vuln/GO-2021-0053
		https://security.netapp.com/advisory/ntap-20210219-0006
		https://security.netapp.com/advisory/ntap-20210219-0006/
cpe:2.3:a:golang:protobuf::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:golang:protobuf::::::::
cpe:2.3:a:hashicorp:consul:::::-:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hashicorp:consul:::::-:::*
cpe:2.3:a:hashicorp:consul:::::enterprise:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hashicorp:consul:::::enterprise:::*
CVE-2021-3121		https://nvd.nist.gov/vuln/detail/CVE-2021-3121
RHBA-2021:3760		https://bugzilla.redhat.com/show_bug.cgi?id=1921650
RHSA-2020:5633		https://access.redhat.com/errata/RHSA-2020:5633
RHSA-2020:5634		https://access.redhat.com/errata/RHSA-2020:5634
RHSA-2020:5635		https://access.redhat.com/errata/RHSA-2020:5635
RHSA-2021:0607		https://access.redhat.com/errata/RHSA-2021:0607
RHSA-2021:0719		https://access.redhat.com/errata/RHSA-2021:0719
RHSA-2021:0799		https://access.redhat.com/errata/RHSA-2021:0799
RHSA-2021:1005		https://access.redhat.com/errata/RHSA-2021:1005
RHSA-2021:1006		https://access.redhat.com/errata/RHSA-2021:1006
RHSA-2021:1007		https://access.redhat.com/errata/RHSA-2021:1007
RHSA-2021:1225		https://access.redhat.com/errata/RHSA-2021:1225
RHSA-2021:1227		https://access.redhat.com/errata/RHSA-2021:1227
RHSA-2021:1552		https://access.redhat.com/errata/RHSA-2021:1552
RHSA-2021:1563		https://access.redhat.com/errata/RHSA-2021:1563
RHSA-2021:2121		https://access.redhat.com/errata/RHSA-2021:2121
RHSA-2021:2136		https://access.redhat.com/errata/RHSA-2021:2136
RHSA-2021:2286		https://access.redhat.com/errata/RHSA-2021:2286
RHSA-2021:2374		https://access.redhat.com/errata/RHSA-2021:2374
RHSA-2021:2437		https://access.redhat.com/errata/RHSA-2021:2437
RHSA-2021:2438		https://access.redhat.com/errata/RHSA-2021:2438
RHSA-2021:2920		https://access.redhat.com/errata/RHSA-2021:2920
RHSA-2021:2977		https://access.redhat.com/errata/RHSA-2021:2977
RHSA-2021:3259		https://access.redhat.com/errata/RHSA-2021:3259
RHSA-2021:3262		https://access.redhat.com/errata/RHSA-2021:3262
RHSA-2021:3303		https://access.redhat.com/errata/RHSA-2021:3303
RHSA-2021:3759		https://access.redhat.com/errata/RHSA-2021:3759
RHSA-2021:4104		https://access.redhat.com/errata/RHSA-2021:4104
RHSA-2022:0056		https://access.redhat.com/errata/RHSA-2022:0056
RHSA-2022:0283		https://access.redhat.com/errata/RHSA-2022:0283
RHSA-2022:0577		https://access.redhat.com/errata/RHSA-2022:0577
RHSA-2022:1276		https://access.redhat.com/errata/RHSA-2022:1276
RHSA-2022:1679		https://access.redhat.com/errata/RHSA-2022:1679
RHSA-2022:6536		https://access.redhat.com/errata/RHSA-2022:6536
RHSA-2022:6916		https://access.redhat.com/errata/RHSA-2022:6916

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3121.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://github.com/gogo/protobuf

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2021-3121

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-3121

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-3121

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://pkg.go.dev/vuln/GO-2021-0053

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://security.netapp.com/advisory/ntap-20210219-0006

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.11654
EPSS Score	0.00047
Published At	April 13, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.