{"vulnerability": "CVE-2021-38297", "sightings": [{"uuid": "c0156f39-103f-45df-9183-12ddadeb7b19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/118", "content": "Top Security News for 01/09/2022\n\nSecuring multi-cloud identity with orchestration.\nhttps://thecyberwire.com/podcasts/cyberwire-x/37/notes \n\nHow I Met Your Beacon: Detection Strategies\nhttps://www.reddit.com/r/netsec/comments/x2t7p2/how_i_met_your_beacon_detection_strategies/ \n\nStop Ransomware with Microsoft Security digital event presents threat intelligence in action\nhttps://www.microsoft.com/security/blog/2022/08/31/stop-ransomware-with-microsoft-security-digital-event-presents-threat-intelligence-in-action/ \n\nNEW 'Off The Hook' ONLINE\nhttps://www.2600.com/hook/31-08-2022 \n\nWomen in cybersecurity form non-profit organization The Forte Group\nhttps://www.csoonline.com/article/3671909/women-in-cybersecurity-form-non-profit-organization-the-forte-group.html#tk.rss_all \n\nMalwarebytes receives highest rankings in recent third-party tests\nhttps://malware.news/t/malwarebytes-receives-highest-rankings-in-recent-third-party-tests/63043/1 \n\nCVE-2021-38297 - Technical analysis of a Go WebAssembly vulnerability\nhttps://www.reddit.com/r/netsec/comments/x279b9/cve202138297_technical_analysis_of_a_go/ \n\nFinal Fantasy 14 players targeted by QR code phishing\nhttps://www.malwarebytes.com/blog/news/2022/08/final-fantasy-14-players-targeted-by-qr-code-phishing \n\nUK unveils tighter cybersecurity requirements for telecom industry. Preparing for new cybersecurity regulations.\nhttps://thecyberwire.com/newsletters/policy-briefing/4/168 \n\nPalo Alto adds new SaaS compliance, threat prevention, URL filtering features to Prisma solution\nhttps://www.csoonline.com/article/3671709/palo-alto-adds-new-saas-compliance-threat-prevention-url-filtering-features-to-prisma-solution.html#tk.rss_all \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-09-01T07:00:09.000000Z"}, {"uuid": "42de713f-b3eb-470a-90f0-51a07fd72e0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/arpsyndicate/1839", "content": "#ExploitObserverAlert\n\nCVE-2021-38297\n\nDESCRIPTION: Exploit Observer has 13 entries related to CVE-2021-38297. Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.\n\nFIRST-EPSS: 0.004300000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-17T20:51:35.000000Z"}, {"uuid": "845bff22-e692-43df-b322-42e5cc83fbb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/490", "content": "CVE-2021-38297 : Analysis & Exploit Go < 1.17.2 - Buffer Overflow\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability", "creation_timestamp": "2022-09-29T22:29:01.000000Z"}, {"uuid": "88c6b619-7260-4da9-9a4e-8d7816993430", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/cibsecurity/30671", "content": "\u203c CVE-2021-38297 \u203c\n\nGo before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-18T12:36:40.000000Z"}, {"uuid": "d4b2544c-f497-40b5-a0c6-c4cc5e2dad9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/thebugbountyhunter/6473", "content": "CVE-2021-38297 \u2013 Analysis of a Go Web Assembly vulnerability\n\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability/", "creation_timestamp": "2022-08-31T15:31:50.000000Z"}, {"uuid": "0d1c137d-a181-409e-adf8-292e1d27c6b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6742", "content": "#exploit\n1. CVE-2021-38297:\nGo Web Assembly Vulnerability\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability\n\n2. CVE-2022-24124:\nCasdoor SQL Injection\nhttps://github.com/cukw/CVE-2022-24124_POC\n]-> https://blog.qualys.com/vulnerabilities-threat-research/2022/03/09/casdoor-sql-injection-cve-2022-24124", "creation_timestamp": "2022-09-05T12:37:13.000000Z"}]}