CVE-2021-33195 in GoLang and NetApp Products
Published on August 2, 2021
Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format.
Products Associated with CVE-2021-33195
stack.watch emails you whenever new vulnerabilities are published in GoLang Go or NetApp Cloud Insights Telegraf Agent. Just hit a watch button to start following.
Exploit Probability
EPSS
0.03%
Percentile
8.86%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.