Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2021-29923

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 07 Π°Π²Π³. 2021
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

ОписаниС

Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

needs-triage

esm-infra/focal

DNE

esm-infra/xenial

needs-triage

focal

DNE

hirsute

DNE

impish

DNE

jammy

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

needs-triage

esm-apps/jammy

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

esm-infra/focal

needs-triage

focal

ignored

end of standard support, was needs-triage
hirsute

ignored

end of life
impish

ignored

end of life

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

needs-triage

focal

ignored

end of standard support, was needs-triage
hirsute

ignored

end of life
impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

hirsute

ignored

end of life
impish

ignored

end of life
trusty

DNE

trusty/esm

DNE

upstream

needs-triage

xenial

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needs-triage
hirsute

ignored

end of life
impish

ignored

end of life
jammy

DNE

kinetic

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

esm-infra/xenial

needs-triage

focal

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

needs-triage

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

needs-triage

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 31%
0.00115
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2021-29923

CVSS3: 7.3
redhat
большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2021-29923

CVSS3: 7.5
nvd
большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.

msrc Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2021-29923

CVSS3: 7.5
msrc
большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

ОписаниС отсутствуСт

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2021-29923

CVSS3: 7.5
debian
большС 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Go before 1.17 does not properly consider extraneous zero characters a ...

rocky Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

RLSA-2021:3585

rocky
ΠΎΠΊΠΎΠ»ΠΎ 4 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Moderate: go-toolset:rhel8 security update

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 31%
0.00115
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2021-29923