Vulnerabilities > CVE-2021-33194 - Infinite Loop vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
golang
fedoraproject
CWE-835
NVD
Published: 2021-05-26
Updated: 2023-11-07

Summary

golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.

Vulnerable Configurations

Part Description Count
Application
Golang
125
OS
Fedoraproject
1

Common Weakness Enumeration (CWE)

References