VDB

ALPINE-CVE-2021-3121

ALPINE-CVE-2021-3121 PUBLISHED CVSS 8.600000381469727 HIGH

An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.

Risk Scores

CVSS v3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected Products

VendorProductVersions
Alpine:v3.18protobuf-c0.15-r0, 1.3.0-r6, 1.3.0-r5
Alpine:v3.23protobuf-c1.3.0-r4, 1.3.0-r6, 1.3.0-r5
Alpine:v3.16protobuf-c1.3.0-r4, 0.15-r0, 1.0.0-r0
Alpine:v3.14protobuf-c0, 0.15-r0, 1.0.0-r0
Alpine:v3.22protobuf-c1.3.0-r6, 0, 0.15-r0
Alpine:v3.20protobuf-c1.3.0-r6, 1.3.0-r5, 1.3.0-r4
Alpine:v3.19protobuf-c1.3.0-r2, 0, 0.15-r0
Alpine:v3.15protobuf-c0, 1.3.0-r6, 1.3.0-r5
Alpine:v3.17protobuf-c1.3.0-r3, 1.3.0-r6, 1.3.0-r5
Alpine:v3.21protobuf-c1.0.0-r0, 1.3.0-r6, 1.3.0-r5

Timeline

  • Jan 11, 2021 CVE Published
  • Dec 3, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›