[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-38297":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":72,"aliases":73,"duplicate_of":9,"upstream":76,"downstream":77,"duplicates":116,"related":117,"reserved_at":9,"published_at":132,"modified_at":133,"state":134,"summary":135,"references_raw":144,"kevs":194,"epss":195,"epss_history":198,"metrics":449,"affected":458},"CVE-2021-38297","Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-120","Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.","weakness","Incomplete","Base","High",[20,24,28,32,36,40,44,48,52,56,60,64,68],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":33,"name":34,"techniques":35},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-42","MIME Conversion",[],{"id":41,"name":42,"techniques":43},"CAPEC-44","Overflow Binary Resource File",[],{"id":45,"name":46,"techniques":47},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":49,"name":50,"techniques":51},"CAPEC-46","Overflow Variables and Tags",[],{"id":53,"name":54,"techniques":55},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":57,"name":58,"techniques":59},"CAPEC-67","String Format Overflow in syslog()",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],{"id":69,"name":70,"techniques":71},"CAPEC-92","Forced Integer Overflow",[],[],[74,75],"GO-2022-0247","BIT-golang-2021-38297",[],[78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114],{"_key":79},"UBUNTU-CVE-2021-38297",{"_key":81},"SUSE-SU-2021:3487-1",{"_key":83},"SUSE-SU-2021:3488-1",{"_key":85},"SUSE-SU-2023:0601-1",{"_key":87},"SUSE-SU-2023:0603-1",{"_key":89},"SUSE-SU-2023:0600-1",{"_key":91},"SUSE-SU-2023:0602-1",{"_key":93},"OPENSUSE-SU-2021:1420-1",{"_key":95},"OPENSUSE-SU-2021:3487-1",{"_key":97},"OPENSUSE-SU-2021:3488-1",{"_key":99},"OPENSUSE-SU-2024:11567-1",{"_key":101},"OPENSUSE-SU-2024:11568-1",{"_key":103},"OPENSUSE-SU-2024:12758-1",{"_key":105},"OPENSUSE-SU-2024:12759-1",{"_key":107},"DLA-3395-1",{"_key":109},"MGASA-2021-0475",{"_key":111},"DEBIAN-CVE-2021-38297",{"_key":113},"RHSA-2022:0432",{"_key":115},"RHSA-2022:1819",[],[118,119,120,121,122,123,124,125,126,127,128,129,130,131],{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},{"_key":95},{"_key":97},{"_key":99},{"_key":101},{"_key":103},{"_key":105},{"_key":109},"2021-10-18T00:00:00.000Z","2024-08-04T01:37:16.318Z","Modified",{"cisa_kev":136,"cisa_ransomware":136,"cisa_vendor":9,"epss_severity":137,"epss_score":138,"severity":139,"severity_score":140,"severity_version":141,"severity_source":142,"severity_vector":143,"severity_status":134},false,"medium",0.10629,"critical",9.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[145,150,159,163,168,172,176,180,185,189],{"url":146,"sources":147,"tags":149},"https://groups.google.com/forum/#%21forum/golang-announce",[148,142],"cve.org",[],{"url":151,"sources":152,"tags":154},"https://groups.google.com/g/golang-announce/c/AEBu9j7yj5A",[148,142,153],"osv_go",[155,156,157,158],"Mailing List","Release Notes","Third Party Advisory","WEB",{"url":160,"sources":161,"tags":162},"https://security.netapp.com/advisory/ntap-20211118-0006/",[148,142],[157],{"url":164,"sources":165,"tags":166},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OFS3M3OFB24SWPTIAPARKGPUMQVUY6Z/",[148,142],[167],"Vendor Advisory",{"url":169,"sources":170,"tags":171},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ON7BQRRJZBOR5TJHURBAB3WLF4YXFC6Z/",[148,142],[167],{"url":173,"sources":174,"tags":175},"https://security.gentoo.org/glsa/202208-02",[148,142],[167,157],{"url":177,"sources":178,"tags":179},"https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html",[148,142],[155],{"url":181,"sources":182,"tags":183},"https://go.dev/cl/354571",[153],[184],"FIX",{"url":186,"sources":187,"tags":188},"https://go.googlesource.com/go/+/77f2750f4398990eed972186706f160631d7dae4",[153],[184],{"url":190,"sources":191,"tags":192},"https://go.dev/issue/48797",[153],[193],"REPORT",[],{"date":196,"score":138,"percentile":197},"2026-06-04",0.93429,[199,203,206,209,212,214,217,219,222,225,228,231,234,237,239,243,246,249,252,254,257,259,262,264,266,269,272,275,278,281,284,287,290,292,295,297,300,303,306,309,312,315,317,319,322,325,327,330,333,335,338,341,344,346,349,352,355,358,361,364,367,370,373,376,379,382,385,387,390,392,394,396,399,402,405,407,410,412,415,418,421,424,427,430,433,436,439,441,443,446],{"date":200,"score":201,"percentile":202},"2025-11-04",0.05854,0.90139,{"date":204,"score":201,"percentile":205},"2025-11-05",0.90137,{"date":207,"score":201,"percentile":208},"2025-11-06",0.90135,{"date":210,"score":201,"percentile":211},"2025-11-07",0.90142,{"date":213,"score":201,"percentile":211},"2025-11-08",{"date":215,"score":201,"percentile":216},"2025-11-09",0.90141,{"date":218,"score":201,"percentile":216},"2025-11-10",{"date":220,"score":201,"percentile":221},"2025-11-11",0.9014,{"date":223,"score":201,"percentile":224},"2025-11-12",0.90147,{"date":226,"score":201,"percentile":227},"2025-11-13",0.9015,{"date":229,"score":201,"percentile":230},"2025-11-14",0.90152,{"date":232,"score":201,"percentile":233},"2025-11-15",0.90149,{"date":235,"score":201,"percentile":236},"2025-11-16",0.90153,{"date":238,"score":201,"percentile":233},"2025-11-17",{"date":240,"score":241,"percentile":242},"2025-11-18",0.51278,0.9776,{"date":244,"score":241,"percentile":245},"2025-11-19",0.97761,{"date":247,"score":241,"percentile":248},"2025-11-20",0.97768,{"date":250,"score":201,"percentile":251},"2025-11-21",0.90159,{"date":253,"score":201,"percentile":251},"2025-11-22",{"date":255,"score":201,"percentile":256},"2025-11-23",0.90158,{"date":258,"score":201,"percentile":251},"2025-11-24",{"date":260,"score":201,"percentile":261},"2025-11-25",0.90161,{"date":263,"score":201,"percentile":261},"2025-11-26",{"date":265,"score":201,"percentile":261},"2025-11-27",{"date":267,"score":201,"percentile":268},"2025-11-28",0.90151,{"date":270,"score":201,"percentile":271},"2025-11-29",0.9019,{"date":273,"score":201,"percentile":274},"2025-11-30",0.90191,{"date":276,"score":201,"percentile":277},"2025-12-01",0.90249,{"date":279,"score":201,"percentile":280},"2025-12-02",0.90252,{"date":282,"score":201,"percentile":283},"2025-12-03",0.90253,{"date":285,"score":201,"percentile":286},"2025-12-04",0.90195,{"date":288,"score":201,"percentile":289},"2025-12-05",0.90197,{"date":291,"score":201,"percentile":286},"2025-12-06",{"date":293,"score":201,"percentile":294},"2025-12-07",0.90192,{"date":296,"score":201,"percentile":294},"2025-12-08",{"date":298,"score":201,"percentile":299},"2025-12-09",0.90196,{"date":301,"score":201,"percentile":302},"2025-12-10",0.90205,{"date":304,"score":201,"percentile":305},"2025-12-11",0.90208,{"date":307,"score":201,"percentile":308},"2025-12-12",0.90213,{"date":310,"score":201,"percentile":311},"2025-12-13",0.90214,{"date":313,"score":201,"percentile":314},"2025-12-14",0.90212,{"date":316,"score":201,"percentile":314},"2025-12-15",{"date":318,"score":201,"percentile":305},"2025-12-16",{"date":320,"score":201,"percentile":321},"2025-12-17",0.90216,{"date":323,"score":201,"percentile":324},"2025-12-18",0.90223,{"date":326,"score":201,"percentile":324},"2025-12-19",{"date":328,"score":201,"percentile":329},"2025-12-20",0.90222,{"date":331,"score":201,"percentile":332},"2025-12-21",0.90232,{"date":334,"score":201,"percentile":332},"2025-12-22",{"date":336,"score":201,"percentile":337},"2025-12-23",0.90235,{"date":339,"score":201,"percentile":340},"2025-12-24",0.90242,{"date":342,"score":201,"percentile":343},"2025-12-25",0.90255,{"date":345,"score":201,"percentile":283},"2025-12-26",{"date":347,"score":201,"percentile":348},"2025-12-27",0.90302,{"date":350,"score":201,"percentile":351},"2025-12-28",0.90248,{"date":353,"score":201,"percentile":354},"2025-12-29",0.90243,{"date":356,"score":201,"percentile":357},"2025-12-30",0.90251,{"date":359,"score":201,"percentile":360},"2025-12-31",0.90259,{"date":362,"score":201,"percentile":363},"2026-01-01",0.90327,{"date":365,"score":201,"percentile":366},"2026-01-02",0.90321,{"date":368,"score":201,"percentile":369},"2026-01-03",0.9032,{"date":371,"score":201,"percentile":372},"2026-01-04",0.9026,{"date":374,"score":201,"percentile":375},"2026-01-05",0.90256,{"date":377,"score":201,"percentile":378},"2026-01-06",0.90258,{"date":380,"score":201,"percentile":381},"2026-01-07",0.90262,{"date":383,"score":201,"percentile":384},"2026-01-08",0.90265,{"date":386,"score":201,"percentile":384},"2026-01-09",{"date":388,"score":201,"percentile":389},"2026-01-10",0.90268,{"date":391,"score":201,"percentile":360},"2026-01-11",{"date":393,"score":201,"percentile":360},"2026-01-12",{"date":395,"score":201,"percentile":375},"2026-01-13",{"date":397,"score":201,"percentile":398},"2026-01-14",0.90271,{"date":400,"score":201,"percentile":401},"2026-01-15",0.90274,{"date":403,"score":201,"percentile":404},"2026-01-16",0.90277,{"date":406,"score":201,"percentile":401},"2026-01-17",{"date":408,"score":201,"percentile":409},"2026-01-18",0.90276,{"date":411,"score":201,"percentile":401},"2026-01-19",{"date":413,"score":138,"percentile":414},"2026-01-20",0.93073,{"date":416,"score":138,"percentile":417},"2026-01-21",0.93079,{"date":419,"score":138,"percentile":420},"2026-01-22",0.93082,{"date":422,"score":138,"percentile":423},"2026-01-23",0.93087,{"date":425,"score":138,"percentile":426},"2026-01-24",0.93092,{"date":428,"score":138,"percentile":429},"2026-01-25",0.93095,{"date":431,"score":138,"percentile":432},"2026-01-26",0.93096,{"date":434,"score":138,"percentile":435},"2026-01-27",0.931,{"date":437,"score":138,"percentile":438},"2026-01-28",0.93104,{"date":440,"score":138,"percentile":438},"2026-01-29",{"date":442,"score":138,"percentile":438},"2026-01-30",{"date":444,"score":138,"percentile":445},"2026-01-31",0.93106,{"date":447,"score":138,"percentile":448},"2026-02-01",0.93145,[450],{"source":142,"cvss_v2_0":451,"cvss_v3_0":9,"cvss_v3_1":456,"cvss_v4_0":9},{"baseScore":452,"baseSeverity":9,"vectorString":453,"impactScore":454,"exploitabilityScore":455},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":140,"baseSeverity":457,"vectorString":143,"impactScore":140,"exploitabilityScore":455},"CRITICAL",[459,469,484],{"ecosystem":9,"name":460,"vendor":461,"product":460,"cpe_part":462,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":463},"fedora","fedoraproject","o",[464,467],{"version":465,"is_range":136,"range_type":466,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"34","cpe",{"version":468,"is_range":136,"range_type":466,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"35",{"ecosystem":9,"name":470,"vendor":471,"product":470,"cpe_part":472,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":473},"go","golang","a",[474,479],{"version":475,"is_range":476,"range_type":466,"version_start":9,"version_start_type":9,"version_end":477,"version_end_type":478,"fixed_in":9},"lt1.16.9",true,"1.16.9","excluding",{"version":480,"is_range":476,"range_type":466,"version_start":481,"version_start_type":482,"version_end":483,"version_end_type":478,"fixed_in":9},"gte1.17.0_lt1.17.2","1.17.0","including","1.17.2",{"ecosystem":485,"name":486,"vendor":485,"product":486,"cpe_part":9,"purl_type":471,"purl_namespace":9,"purl_name":486,"source":9,"versions":487},"Go","toolchain",[488],{"version":489,"is_range":476,"range_type":490,"version_start":491,"version_start_type":482,"version_end":483,"version_end_type":478,"fixed_in":9},"gte1_17_0_0_lt1_17_2","semver","1.17.0-0"]