In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method.
References
Link | Resource |
---|---|
https://groups.google.com/g/golang-announce | Third Party Advisory |
https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI | Exploit Patch Third Party Advisory |
https://security.gentoo.org/glsa/202208-02 | Third Party Advisory |
Configurations
History
14 Sep 2022, 21:11
Type | Values Removed | Values Added |
---|---|---|
References | (GENTOO) https://security.gentoo.org/glsa/202208-02 - Third Party Advisory |
04 Aug 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Aug 2021, 18:07
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CPE | cpe:2.3:a:golang:go:*:*:*:*:*:*:*:* | |
References | (MISC) https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI - Exploit, Patch, Third Party Advisory | |
References | (MISC) https://groups.google.com/g/golang-announce - Third Party Advisory |
08 Aug 2021, 06:15
Type | Values Removed | Values Added |
---|---|---|
Summary | In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method. |
02 Aug 2021, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-08-02 19:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-33198
Mitre link : CVE-2021-33198
CVE.ORG link : CVE-2021-33198
JSON object : View
Products Affected
golang
- go
CWE