CVE-2021-39293 in GoLang and NetApp Products
Published on January 24, 2022
In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.
Products Associated with CVE-2021-39293
stack.watch emails you whenever new vulnerabilities are published in GoLang Go or NetApp Cloud Insights Telegraf. Just hit a watch button to start following.
Exploit Probability
EPSS
0.04%
Percentile
11.81%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.