[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-27918":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":19,"aliases":20,"duplicate_of":9,"upstream":23,"downstream":24,"duplicates":47,"related":48,"reserved_at":9,"published_at":55,"modified_at":56,"state":57,"summary":58,"references_raw":67,"kevs":98,"epss":99,"epss_history":102,"metrics":369,"affected":379},"CVE-2021-27918","encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-835","Loop with Unreachable Exit Condition ('Infinite Loop')","The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.","weakness","Incomplete","Base",[],[],[21,22],"GO-2021-0234","BIT-golang-2021-27918",[],[25,27,29,31,33,35,37,39,41,43,45],{"_key":26},"UBUNTU-CVE-2021-27918",{"_key":28},"SUSE-SU-2021:0937-1",{"_key":30},"SUSE-SU-2021:0938-1",{"_key":32},"OPENSUSE-SU-2021:0480-1",{"_key":34},"OPENSUSE-SU-2024:10808-1",{"_key":36},"OPENSUSE-SU-2024:10809-1",{"_key":38},"RHSA-2021:2704",{"_key":40},"RHSA-2021:3076",{"_key":42},"MGASA-2021-0369",{"_key":44},"DEBIAN-CVE-2021-27918",{"_key":46},"RHSA-2021:3555",[],[49,50,51,52,53,54],{"_key":28},{"_key":30},{"_key":32},{"_key":34},{"_key":36},{"_key":42},"2021-03-10T23:54:43.000Z","2024-08-03T21:33:16.406Z","Modified",{"cisa_kev":59,"cisa_ransomware":59,"cisa_vendor":9,"epss_severity":60,"epss_score":61,"severity":62,"severity_score":63,"severity_version":64,"severity_source":65,"severity_vector":66,"severity_status":57},false,"low",0.00025,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[68,78,84,89,93],{"url":69,"sources":70,"tags":73},"https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw",[71,65,72],"cve.org","osv_go",[74,75,76,77],"X Refsource MISC","Mailing List","Third Party Advisory","WEB",{"url":79,"sources":80,"tags":81},"https://security.gentoo.org/glsa/202208-02",[71,65],[82,83,76],"Vendor Advisory","X Refsource GENTOO",{"url":85,"sources":86,"tags":87},"https://go.dev/cl/300391",[72],[88],"FIX",{"url":90,"sources":91,"tags":92},"https://go.googlesource.com/go/+/d0b79e3513a29628f3599dc8860666b6eed75372",[72],[88],{"url":94,"sources":95,"tags":96},"https://go.dev/issue/44913",[72],[97],"REPORT",[],{"date":100,"score":61,"percentile":101},"2026-06-04",0.07267,[103,107,110,113,116,119,122,125,128,131,134,137,140,143,145,149,152,155,158,161,164,167,169,172,175,178,181,183,186,189,192,195,198,201,204,206,209,212,215,218,221,224,227,230,233,236,239,242,245,248,251,254,257,260,262,265,268,271,274,277,280,283,286,289,292,295,298,301,304,307,310,313,316,319,322,324,327,330,333,336,339,342,345,348,351,354,357,360,363,366],{"date":104,"score":105,"percentile":106},"2025-11-04",0.00028,0.06406,{"date":108,"score":105,"percentile":109},"2025-11-05",0.06431,{"date":111,"score":105,"percentile":112},"2025-11-06",0.06541,{"date":114,"score":105,"percentile":115},"2025-11-07",0.06551,{"date":117,"score":105,"percentile":118},"2025-11-08",0.06549,{"date":120,"score":105,"percentile":121},"2025-11-09",0.0653,{"date":123,"score":105,"percentile":124},"2025-11-10",0.06505,{"date":126,"score":105,"percentile":127},"2025-11-11",0.06531,{"date":129,"score":105,"percentile":130},"2025-11-12",0.06571,{"date":132,"score":105,"percentile":133},"2025-11-13",0.06607,{"date":135,"score":105,"percentile":136},"2025-11-14",0.06633,{"date":138,"score":105,"percentile":139},"2025-11-15",0.06662,{"date":141,"score":105,"percentile":142},"2025-11-16",0.06673,{"date":144,"score":105,"percentile":142},"2025-11-17",{"date":146,"score":147,"percentile":148},"2025-11-18",0.00328,0.52689,{"date":150,"score":147,"percentile":151},"2025-11-19",0.52702,{"date":153,"score":147,"percentile":154},"2025-11-20",0.52687,{"date":156,"score":105,"percentile":157},"2025-11-21",0.06798,{"date":159,"score":105,"percentile":160},"2025-11-22",0.06782,{"date":162,"score":105,"percentile":163},"2025-11-23",0.06766,{"date":165,"score":105,"percentile":166},"2025-11-24",0.06748,{"date":168,"score":105,"percentile":166},"2025-11-25",{"date":170,"score":105,"percentile":171},"2025-11-26",0.06751,{"date":173,"score":105,"percentile":174},"2025-11-27",0.06747,{"date":176,"score":105,"percentile":177},"2025-11-28",0.06735,{"date":179,"score":105,"percentile":180},"2025-11-29",0.06775,{"date":182,"score":105,"percentile":180},"2025-11-30",{"date":184,"score":105,"percentile":185},"2025-12-01",0.06821,{"date":187,"score":105,"percentile":188},"2025-12-02",0.06831,{"date":190,"score":105,"percentile":191},"2025-12-03",0.06845,{"date":193,"score":105,"percentile":194},"2025-12-04",0.06818,{"date":196,"score":61,"percentile":197},"2025-12-05",0.06004,{"date":199,"score":61,"percentile":200},"2025-12-06",0.06012,{"date":202,"score":61,"percentile":203},"2025-12-07",0.05753,{"date":205,"score":61,"percentile":203},"2025-12-08",{"date":207,"score":61,"percentile":208},"2025-12-09",0.05812,{"date":210,"score":61,"percentile":211},"2025-12-10",0.05879,{"date":213,"score":61,"percentile":214},"2025-12-11",0.05875,{"date":216,"score":61,"percentile":217},"2025-12-12",0.05898,{"date":219,"score":61,"percentile":220},"2025-12-13",0.05943,{"date":222,"score":61,"percentile":223},"2025-12-14",0.0618,{"date":225,"score":61,"percentile":226},"2025-12-15",0.06158,{"date":228,"score":61,"percentile":229},"2025-12-16",0.06183,{"date":231,"score":61,"percentile":232},"2025-12-17",0.06271,{"date":234,"score":61,"percentile":235},"2025-12-18",0.06323,{"date":237,"score":61,"percentile":238},"2025-12-19",0.06308,{"date":240,"score":61,"percentile":241},"2025-12-20",0.06304,{"date":243,"score":61,"percentile":244},"2025-12-21",0.06291,{"date":246,"score":61,"percentile":247},"2025-12-22",0.06242,{"date":249,"score":61,"percentile":250},"2025-12-23",0.06255,{"date":252,"score":61,"percentile":253},"2025-12-24",0.06287,{"date":255,"score":61,"percentile":256},"2025-12-25",0.06338,{"date":258,"score":61,"percentile":259},"2025-12-26",0.06332,{"date":261,"score":61,"percentile":256},"2025-12-27",{"date":263,"score":61,"percentile":264},"2025-12-28",0.06329,{"date":266,"score":61,"percentile":267},"2025-12-29",0.0631,{"date":269,"score":61,"percentile":270},"2025-12-30",0.06292,{"date":272,"score":61,"percentile":273},"2025-12-31",0.06341,{"date":275,"score":61,"percentile":276},"2026-01-01",0.06413,{"date":278,"score":61,"percentile":279},"2026-01-02",0.06407,{"date":281,"score":61,"percentile":282},"2026-01-03",0.06394,{"date":284,"score":61,"percentile":285},"2026-01-04",0.06307,{"date":287,"score":61,"percentile":288},"2026-01-05",0.06253,{"date":290,"score":61,"percentile":291},"2026-01-06",0.06261,{"date":293,"score":61,"percentile":294},"2026-01-07",0.06284,{"date":296,"score":61,"percentile":297},"2026-01-08",0.06342,{"date":299,"score":61,"percentile":300},"2026-01-09",0.06034,{"date":302,"score":61,"percentile":303},"2026-01-10",0.06036,{"date":305,"score":61,"percentile":306},"2026-01-11",0.0603,{"date":308,"score":61,"percentile":309},"2026-01-12",0.06013,{"date":311,"score":61,"percentile":312},"2026-01-13",0.06,{"date":314,"score":61,"percentile":315},"2026-01-14",0.06048,{"date":317,"score":61,"percentile":318},"2026-01-15",0.06043,{"date":320,"score":61,"percentile":321},"2026-01-16",0.0605,{"date":323,"score":61,"percentile":321},"2026-01-17",{"date":325,"score":61,"percentile":326},"2026-01-18",0.06044,{"date":328,"score":61,"percentile":329},"2026-01-19",0.06021,{"date":331,"score":61,"percentile":332},"2026-01-20",0.0598,{"date":334,"score":61,"percentile":335},"2026-01-21",0.05975,{"date":337,"score":61,"percentile":338},"2026-01-22",0.05947,{"date":340,"score":61,"percentile":341},"2026-01-23",0.06006,{"date":343,"score":61,"percentile":344},"2026-01-24",0.06059,{"date":346,"score":61,"percentile":347},"2026-01-25",0.06008,{"date":349,"score":61,"percentile":350},"2026-01-26",0.05992,{"date":352,"score":61,"percentile":353},"2026-01-27",0.05969,{"date":355,"score":61,"percentile":356},"2026-01-28",0.05949,{"date":358,"score":61,"percentile":359},"2026-01-29",0.05959,{"date":361,"score":61,"percentile":362},"2026-01-30",0.05963,{"date":364,"score":61,"percentile":365},"2026-01-31",0.0594,{"date":367,"score":61,"percentile":368},"2026-02-01",0.05993,[370],{"source":65,"cvss_v2_0":371,"cvss_v3_0":9,"cvss_v3_1":376,"cvss_v4_0":9},{"baseScore":372,"baseSeverity":9,"vectorString":373,"impactScore":374,"exploitabilityScore":375},5,"AV:N/AC:L/Au:N/C:N/I:N/A:P",2.9,10,{"baseScore":63,"baseSeverity":377,"vectorString":66,"impactScore":378,"exploitabilityScore":375},"HIGH",6,[380,396],{"ecosystem":9,"name":381,"vendor":382,"product":381,"cpe_part":383,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":384},"go","golang","a",[385,391],{"version":386,"is_range":387,"range_type":388,"version_start":9,"version_start_type":9,"version_end":389,"version_end_type":390,"fixed_in":9},"lt1.15.9",true,"cpe","1.15.9","excluding",{"version":392,"is_range":387,"range_type":388,"version_start":393,"version_start_type":394,"version_end":395,"version_end_type":390,"fixed_in":9},"gte1.16.0_lt1.16.1","1.16.0","including","1.16.1",{"ecosystem":397,"name":398,"vendor":397,"product":398,"cpe_part":9,"purl_type":382,"purl_namespace":9,"purl_name":398,"source":9,"versions":399},"Go","stdlib",[400],{"version":401,"is_range":387,"range_type":402,"version_start":403,"version_start_type":394,"version_end":395,"version_end_type":390,"fixed_in":9},"gte1_16_0_0_lt1_16_1","semver","1.16.0-0"]