go standard library Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by go standard library
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Resource Consumption Vulnerability in Go's Error Handling
CVE-2025-61729Go Standard LibraryCrypto/x509📈7.5HIGHInterface Casting Flaw in Certificate Chain Validation for Go Programming Language
CVE-2025-58188Go Standard LibraryCrypto/x5097.5HIGHNon-linear Input Parsing Vulnerability in Go Programming Language
CVE-2025-61723Go Standard LibraryEncoding/pem7.5HIGHCertificate Chain Validation Issues in Go Programming Language
CVE-2025-58187Go Standard LibraryCrypto/x5097.5HIGHExcessive CPU Consumption in Go's ParseAddress Function
CVE-2025-61725Go Standard LibraryNet/mail7.5HIGHRace Condition in Go's Database Interaction Leading to Unexpected Query Results
CVE-2025-47907Go Standard LibraryDatabase/sql7HIGHPolicy Validation Bypass in Go's Certificate Handling
CVE-2025-22874Go Standard LibraryCrypto/x5097.5HIGHRSA Key Verification Issue in Go Programming Language
CVE-2025-22865Go Standard LibraryCrypto/x5097.5HIGHUnexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip
CVE-2024-24790Go Standard LibraryNet/netip9.8CRITICALAttacker can exploit excessive header data to overwhelm HTTP/2 endpoint
CVE-2023-45288Go Standard LibraryNet/http📈👾🟡EPSS 66%7.5HIGHComments in display names are incorrectly handled in net/mail
CVE-2024-24784Go Standard LibraryNet/mail7.5HIGHBefore Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel
CVE-2023-45287Go Standard LibraryCrypto/tls7.5HIGHInsecure parsing of Windows paths with a \??\ prefix in path/filepath
CVE-2023-45283Go Standard LibraryPath/filepath7.5HIGHHTTP/2 rapid reset can cause excessive work in net/http
CVE-2023-39325Go Standard LibraryNet/http7.5HIGHPanic when processing post-handshake message on QUIC connections in crypto/tls
CVE-2023-39321Go Standard LibraryCrypto/tls7.5HIGHMemory exhaustion in QUIC connection handling in crypto/tls
CVE-2023-39322Go Standard LibraryCrypto/tls7.5HIGHUnsafe behavior in setuid/setgid binaries in runtime
CVE-2023-29403Go Standard LibraryRuntime7.8HIGHImproper sanitization of CSS values in html/template
CVE-2023-24539Go Standard LibraryHtml/template7.3HIGHImproper handling of JavaScript whitespace in html/template
CVE-2023-24540Go Standard LibraryHtml/template9.8CRITICALImproper handling of empty HTML attributes in html/template
CVE-2023-29400Go Standard LibraryHtml/template7.3HIGHExcessive memory allocation in net/http and net/textproto
CVE-2023-24534Go Standard LibraryNet/textproto7.5HIGHExcessive resource consumption in net/http, net/textproto and mime/multipart
CVE-2023-24536Go Standard LibraryMime/multipart7.5HIGHInfinite loop in parsing in go/scanner
CVE-2023-24537Go Standard LibraryGo/scanner7.5HIGHBackticks not treated as string delimiters in html/template
CVE-2023-24538Go Standard LibraryHtml/template👾🟡9.8CRITICALDenial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
CVE-2022-41723Go Standard LibraryNet/http7.5HIGH