SUSE-SU-2021:0937-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2021-27918 CVE-2021-27919

Published: 24 Mar 2021, 11:22

Last modified:04 Feb 2026, 04:18

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

24 Mar 2021, 11:22

Published

Vulnerability first disclosed

04 Feb 2026, 04:18

Last Modified

Vulnerability information updated

Description

Security update for go1.16 This update for go1.16 fixes the following issues: - go1.16.2 (released 2021-03-11) (bsc#1182345) - go1.16.1 (released 2021-03-10) (bsc#1182345) - CVE-2021-27918: Fixed an infinite loop when using xml.NewTokenDecoder with a custom TokenReader (bsc#1183333). - CVE-2021-27919: Fixed an issue where archive/zip: can panic when calling Reader.Open (bsc#1183334).

Affected Systems

suse•go1.16&distro=SUSE Linux Enterprise Module for Development Tools 15 SP2
< 1.16.2-1.8.1

References (6)

https://www.suse.com/support/update/announcement/2021/suse-su-20210937-1/
https://bugzilla.suse.com/1182345
https://bugzilla.suse.com/1183333
https://bugzilla.suse.com/1183334
https://www.suse.com/security/cve/CVE-2021-27918
https://www.suse.com/security/cve/CVE-2021-27919