go standard library Latest Vulnerabilities
Latest vulnerabilities published by go standard library
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
HTTP Package Vulnerability in Go's Net/HTTP Due to Improper Line Terminator Handling
CVE-2025-22871Go Standard LibraryNet/http/internalVariable Time Instruction Vulnerability in Go Runtime for ppc64le Architecture
CVE-2025-22866Go Standard LibraryCrypto/internal/nistec4MEDIUMRSA Key Verification Issue in Go Programming Language
CVE-2025-22865Go Standard LibraryCrypto/x5097.5HIGHCross-Domain Redirect Vulnerability in Go's HTTP Client
CVE-2024-45336Go Standard LibraryNet/http6.1MEDIUMCertificate Misconfiguration in Private PKIs by Go Programming Language
CVE-2024-45341Go Standard LibraryCrypto/x5096.1MEDIUMStack Exhaustion Due to Deeply Nested Expressions in Parse
CVE-2024-34158Go Standard LibraryGo/build/constraintDeeply Nested Literals Cause Stack Exhaustion in Parse
CVE-2024-34155Go Standard LibraryGo/parserStack Exhaustion in Deeply Nested Structures Affects Decode Product
CVE-2024-34156Go Standard LibraryEncoding/gobInvalid Connection State Leads to Denial of Service
CVE-2024-24791Go Standard LibraryNet/httpMishandling of corrupt central directory record in archive/zip
CVE-2024-24789Go Standard LibraryArchive/zip5.5MEDIUMUnexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip
CVE-2024-24790Go Standard LibraryNet/netip9.8CRITICALMalformed DNS message can cause infinite loop in net
CVE-2024-24788Go Standard LibraryNetπ°5.9MEDIUMAttacker can exploit excessive header data to overwhelm HTTP/2 endpoint
CVE-2023-45288Go Standard LibraryNet/httpππΎπ‘EPSS 66%7.5HIGHErrors returned from JSON marshaling may break template escaping in html/template
CVE-2024-24785Go Standard LibraryHtml/template5.4MEDIUMComments in display names are incorrectly handled in net/mail
CVE-2024-24784Go Standard LibraryNet/mail7.5HIGHSensitive headers not forwarded in HTTP redirect
CVE-2023-45289Go Standard LibraryNet/http4.3MEDIUMMemory Exhaustion Vulnerability in Microsoft Request.ParseMultipartForm
CVE-2023-45290Go Standard LibraryNet/textproto6.5MEDIUMCertificate Chain Verification Panics with Unknown Public Key Algorithm
CVE-2024-24783Go Standard LibraryCrypto/x5095.9MEDIUMMalicious HTTP sender can exploit chunk extensions to read large amounts of data from network
CVE-2023-39326Go Standard LibraryNet/http/internal5.3MEDIUMBefore Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel
CVE-2023-45287Go Standard LibraryCrypto/tls7.5HIGHIncorrect detection of reserved device names on Windows in path/filepath
CVE-2023-45284Go Standard LibraryPath/filepath5.3MEDIUMInsecure parsing of Windows paths with a \??\ prefix in path/filepath
CVE-2023-45283Go Standard LibraryPath/filepath7.5HIGHHTTP/2 rapid reset can cause excessive work in net/http
CVE-2023-39325Go Standard LibraryNet/http7.5HIGHMemory exhaustion in QUIC connection handling in crypto/tls
CVE-2023-39322Go Standard LibraryCrypto/tls7.5HIGHImproper handling of special tags within script contexts in html/template
CVE-2023-39319Go Standard LibraryHtml/template6.1MEDIUM