7.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-38561

GHSA ID

GHSA-ppp9-7jff-5vj2

EPSS Score

0.1171%

CWE

CWE-125

Published

12/26/2022

Updated

10/2/2023

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2021-38561

CVE-2021-38561: golang.org/x/text/language Out-of-bounds Read vulnerability

golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.

(GitHub Advisory)

7.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-38561

GHSA ID

GHSA-ppp9-7jff-5vj2

EPSS Score

0.1171%

CWE

CWE-125

Published

12/26/2022

Updated

10/2/2023

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
golang.org/x/text	go	< 0.3.7	0.3.7

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

*ol*n*.or*/x/t*xt/l*n*u*** in *ol*n*.or*/x/t*xt ***or* *.*.* **n p*ni* wit* *n out-o*-*oun*s r*** *urin* **P ** l*n*u*** t** p*rsin*. In**x **l*ul*tion is mis**n*l**. I* p*rsin* untrust** us*r input, t*is **n ** us** *s * v**tor *or * **ni*l-o*-s*rvi

Reasoning

No *n*lysis *v*il**l*

7.5

Basic Information

Concerned about an active attack path?

CVE-2021-38561: golang.org/x/text/language Out-of-bounds Read vulnerability

7.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI