Vulnerabilities > CVE-2023-39321 - Unspecified vulnerability in Golang GO 1.21.0/1.21.00
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
Processing an incomplete post-handshake message for a QUIC connection can cause a panic.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 6 |
References
- https://go.dev/cl/523039
- https://go.dev/cl/523039
- https://go.dev/issue/62266
- https://go.dev/issue/62266
- https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ
- https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ
- https://pkg.go.dev/vuln/GO-2023-2044
- https://pkg.go.dev/vuln/GO-2023-2044
- https://security.gentoo.org/glsa/202311-09
- https://security.gentoo.org/glsa/202311-09
- https://security.netapp.com/advisory/ntap-20231020-0004/
- https://security.netapp.com/advisory/ntap-20231020-0004/