CVE-2021-3121

Опубликовано: 11 янв. 2021

Источник: debian

Описание

An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
golang-gogoprotobuf	fixed	1.3.2-1		package
golang-gogoprotobuf	postponed		buster	package
golang-gogoprotobuf	no-dsa		stretch	package

Примечания

https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc
Triage discussion: https://lists.debian.org/debian-lts/2021/03/msg00011.html

Связанные уязвимости

CVE-2021-3121

CVSS3: 8.6

ubuntu

около 5 лет назад

An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.

CVE-2021-3121

CVSS3: 8.6

redhat

около 5 лет назад

An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.

CVE-2021-3121

CVSS3: 8.6

nvd

около 5 лет назад

An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.

SUSE-SU-2025:02977-1

suse-cvrf

6 месяцев назад

Security update for kubernetes1.18

GHSA-c3h9-896r-86jm

CVSS3: 8.6

github

почти 4 года назад

Improper Input Validation in GoGo Protobuf