CVE-2021-27918
EUVD-2021-1464111.03.2021, 00:15
encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| golang | go | 𝑥 < 1.15.9 |
| golang | go | 1.16.0 ≤ 𝑥 < 1.16.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| golang |
| ||||||||||||||||||||||||
| golang-1.10 |
| ||||||||||||||||||||||||
| golang-1.13 |
| ||||||||||||||||||||||||
| golang-1.14 |
| ||||||||||||||||||||||||
| golang-1.15 |
| ||||||||||||||||||||||||
| golang-1.6 |
| ||||||||||||||||||||||||
| golang-1.8 |
| ||||||||||||||||||||||||
| golang-1.9 |
|
Common Weakness Enumeration