vulnerability

Red Hat OpenShift: CVE-2021-33196: malformed archive may cause panic or memory exhaustion

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	2021-08-02	2021-08-12	2025-04-11

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

2021-08-02

Added

2021-08-12

Modified

2025-04-11

Description

In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a crafted file count (in an archive's header) can cause a NewReader or OpenReader panic.

Solution(s)

linuxrpm-upgrade-cri-olinuxrpm-upgrade-openshiftlinuxrpm-upgrade-openshift-clients

References

CVE-2021-33196
https://attackerkb.com/topics/CVE-2021-33196
REDHAT-RHSA-2021:2634
REDHAT-RHSA-2021:2704
REDHAT-RHSA-2021:2705
REDHAT-RHSA-2021:2983
REDHAT-RHSA-2021:2984
REDHAT-RHSA-2021:3076
REDHAT-RHSA-2021:3229
REDHAT-RHSA-2021:3361
REDHAT-RHSA-2021:3555
REDHAT-RHSA-2021:3556
REDHAT-RHSA-2021:3758

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today