VDB

RHSA-2021%3A3146

RHSA-2021%3A3146 PUBLISHED CVSS 7.5 HIGH

A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integrity.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products

VendorProductVersions
Red Hatadvanced-cluster-security/rhacs-operator-bundle@sha256:7e7d2ee7951813e40decefd68e2a0a4dbcc32f81158de073340a2540f3e96441_amd64 as a component of RHACS 3.64 for RHEL 8advanced-cluster-security/rhacs-operator-bundle@sha256:7e7d2ee7951813e40decefd68e2a0a4dbcc32f81158de073340a2540f3e96441_amd64, *
Red Hatadvanced-cluster-security/rhacs-rhel8-operator@sha256:edf1d4fec9c3b6651a2ba44741323a6abf5f5d891db27eba396c206a6bdbc31d_amd64 as a component of RHACS 3.64 for RHEL 8*, advanced-cluster-security/rhacs-rhel8-operator@sha256:edf1d4fec9c3b6651a2ba44741323a6abf5f5d891db27eba396c206a6bdbc31d_amd64
Red Hatadvanced-cluster-security/rhacs-rhel8-operator@sha256:edf1d4fec9c3b6651a2ba44741323a6abf5f5d891db27eba396c206a6bdbc31d_amd64 as a component of RHACS 3.64 for RHEL 8advanced-cluster-security/rhacs-rhel8-operator@sha256:edf1d4fec9c3b6651a2ba44741323a6abf5f5d891db27eba396c206a6bdbc31d_amd64
Red Hatadvanced-cluster-security/rhacs-operator-bundle@sha256:7e7d2ee7951813e40decefd68e2a0a4dbcc32f81158de073340a2540f3e96441_amd64 as a component of RHACS 3.64 for RHEL 8advanced-cluster-security/rhacs-operator-bundle@sha256:7e7d2ee7951813e40decefd68e2a0a4dbcc32f81158de073340a2540f3e96441_amd64

Timeline

  • Aug 12, 2021 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 29, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›