​
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-8wgv-mqw5-xc92

Published

Last updated

https://images.chainguard.dev/security/CGA-8wgv-mqw5-xc92
Package

vt-cli

Latest Update
Fixed
Fixed Version

1.0.0-r3

Aliases
  • CVE-2021-38561
  • GHSA-ppp9-7jff-5vj2

Severity

7.5

High

CVSS V3

Summary

golang.org/x/text/language Out-of-bounds Read vulnerability

Description

golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images