CVE-2021-3121
CVE Details
Visit the official vulnerability details page for CVE-2021-3121 to learn more.
Initial Publication
01/20/2025
Last Update
02/01/2026
Third Party Dependency
github.com/gogo/protobuf
NIST CVE Summary
An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.
CVE Severity
Our Official Summary
This vulnerability is a false positive. Although this is reported by the scanning tools on some of the components, further checks indicate the symbol/function with the vulnerability while present is not being used.
Status
Ongoing
Affected Products & Versions
| Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
|---|---|---|---|---|
| 4.8.25 | ⚠️ Impacted | ✅ No Impact | ✅ No Impact | ✅ No Impact |
| 4.5.22 | ⚠️ Impacted | ⚠️ Impacted | ✅ No Impact | ✅ No Impact |
Revision History
| Date | Revision |
|---|---|
| 10/14/2025 | Status changed from Open to Ongoing |