CVE-2021-3121
CVE Details
Visit the official vulnerability details page for CVE-2021-3121 to learn more.
Initial Publication
02/03/2026
Last Update
02/12/2026
Third Party Dependency
github.com/gogo/protobuf
NIST CVE Summary
An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.
CVE Severity
Our Official Summary
This vulnerability only affects clusters using velero for backup in AWS. Other clusters are not affected.
Upgrade of the component affected by this vulnerability is done in 4.8.x.
Status
Open
Affected Products & Versions
| Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
|---|---|---|---|---|
| 4.8.27 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ⚠️ Impacted |
| 4.5.22 | ⚠️ Impacted | ⚠️ Impacted | ✅ No Impact | ✅ No Impact |
Revision History
| Date | Revision |
|---|---|
| 02/12/2026 | Official summary added |