go standard library Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by go standard library
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
RSA Key Verification Issue in Go Programming Language
CVE-2025-22865Go Standard LibraryCrypto/x5097.5HIGHUnexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip
CVE-2024-24790Go Standard LibraryNet/netip9.8CRITICALAttacker can exploit excessive header data to overwhelm HTTP/2 endpoint
CVE-2023-45288Go Standard LibraryNet/httpππΎπ‘EPSS 66%7.5HIGHComments in display names are incorrectly handled in net/mail
CVE-2024-24784Go Standard LibraryNet/mail7.5HIGHBefore Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel
CVE-2023-45287Go Standard LibraryCrypto/tls7.5HIGHInsecure parsing of Windows paths with a \??\ prefix in path/filepath
CVE-2023-45283Go Standard LibraryPath/filepath7.5HIGHHTTP/2 rapid reset can cause excessive work in net/http
CVE-2023-39325Go Standard LibraryNet/http7.5HIGHPanic when processing post-handshake message on QUIC connections in crypto/tls
CVE-2023-39321Go Standard LibraryCrypto/tls7.5HIGHMemory exhaustion in QUIC connection handling in crypto/tls
CVE-2023-39322Go Standard LibraryCrypto/tls7.5HIGHUnsafe behavior in setuid/setgid binaries in runtime
CVE-2023-29403Go Standard LibraryRuntime7.8HIGHImproper sanitization of CSS values in html/template
CVE-2023-24539Go Standard LibraryHtml/template7.3HIGHImproper handling of empty HTML attributes in html/template
CVE-2023-29400Go Standard LibraryHtml/template7.3HIGHImproper handling of JavaScript whitespace in html/template
CVE-2023-24540Go Standard LibraryHtml/template9.8CRITICALExcessive memory allocation in net/http and net/textproto
CVE-2023-24534Go Standard LibraryNet/textproto7.5HIGHExcessive resource consumption in net/http, net/textproto and mime/multipart
CVE-2023-24536Go Standard LibraryMime/multipart7.5HIGHInfinite loop in parsing in go/scanner
CVE-2023-24537Go Standard LibraryGo/scanner7.5HIGHBackticks not treated as string delimiters in html/template
CVE-2023-24538Go Standard LibraryHtml/templateπΎπ‘9.8CRITICALDenial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
CVE-2022-41723Go Standard LibraryNet/http7.5HIGHPanic on large handshake records in crypto/tls
CVE-2022-41724Go Standard LibraryCrypto/tls7.5HIGHExcessive resource consumption in mime/multipart
CVE-2022-41725Go Standard LibraryMime/multipart7.5HIGHPath traversal on Windows in path/filepath
CVE-2022-41722Go Standard LibraryPath/filepath7.5HIGHRestricted file access on Windows in os and net/http
CVE-2022-41720Go Standard LibraryOs7.5HIGHUnsanitized NUL in environment variables on Windows in syscall and os/exec
CVE-2022-41716Go Standard LibrarySyscall7.5HIGHMemory exhaustion when compiling regular expressions in regexp/syntax
CVE-2022-41715Go Standard LibraryRegexp/syntax7.5HIGHUnbounded memory consumption when reading headers in archive/tar
CVE-2022-2879Go Standard LibraryArchive/tar7.5HIGH