Vulnerabilities > Golang > GO > 1.17.1

DATE CVE VULNERABILITY TITLE RISK
2021-11-08 CVE-2021-41772 Improper Input Validation vulnerability in multiple products
Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field.
network
low complexity
golang fedoraproject oracle CWE-20
7.5
7.5
2021-10-18 CVE-2021-38297 Classic Buffer Overflow vulnerability in multiple products
Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.
network
low complexity
golang fedoraproject CWE-120
critical
 9.8
9.8