Vulnerability Database
Blog
FAQ
Docs
BIT-golang-2023-39321
See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/golang/BIT-golang-2023-39321.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-golang-2023-39321
Aliases
CVE-2023-39321
GO-2023-2044
Published
2024-03-06T10:54:10.069Z
Modified
2024-09-11T06:13:44.586875Z
Summary
[none]
Details
Processing an incomplete post-handshake message for a QUIC connection can cause a panic.
References
https://go.dev/cl/523039
https://go.dev/issue/62266
https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ
https://pkg.go.dev/vuln/GO-2023-2044
https://security.gentoo.org/glsa/202311-09
https://security.netapp.com/advisory/ntap-20231020-0004/
Affected packages
Bitnami
/
golang
Package
Name
golang
Purl
pkg:bitnami/golang
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS Calculator
Affected ranges
Type
SEMVER
Events
Introduced
1.21.0
Fixed
1.21.1
BIT-golang-2023-39321 - OSV