golang

207 tracked vulnerabilities.

CVE-2023-39318 MEDIUM
GO < 1.20.8 - Cross-Site Scripting
Sep 08, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-3978 MEDIUM
golang/networking < 0.13.0 - Cross-Site Scripting via Incorrect Text Node Rendering
Aug 02, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-29409 MEDIUM
GO < 1.19.12 - Denial of Service
Aug 02, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-29408 MEDIUM
golang/image < 0.10.0 - Denial of Service via TIFF Tile Decompression
Aug 02, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-29407 MEDIUM
golang/image < 0.10.0 - Excessive Iteration via Malicious Tiled Image
Aug 02, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-29406 MEDIUM
GO < 1.19.11 - Interpretation Conflict
Jul 11, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-29405 CRITICAL
GO < 1.19.10 - Injection
Jun 08, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-29404 CRITICAL
GO < 1.19.10 - Code Injection
Jun 08, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-29403 HIGH
GO < 1.19.10 - Exposure to Wrong Actor
Jun 08, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-29402 CRITICAL
Go - Code Injection
Jun 08, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-29400 HIGH
Go Templates - Cross-Site Scripting via Unquoted HTML Attributes
May 11, 2023
CVSS 7.3
EPSS 0.00
CVE-2023-24540 CRITICAL
JavaScript - Info Disclosure
May 11, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-24539 HIGH
CSS - Code Injection
May 11, 2023
CVSS 7.3
EPSS 0.00
CVE-2023-24538 CRITICAL
Go Templates - Code Injection via JavaScript Template Literals
Apr 06, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-24537 HIGH
Go - Info Disclosure
Apr 06, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-24536 HIGH
Multipart form parsing - Memory Corruption
Apr 06, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-24534 HIGH
Golang Go < 1.19.8 - Denial of Service via HTTP and MIME Header Parsing
Apr 06, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-24532 MEDIUM
ScalarMult - Memory Corruption
Mar 08, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-0290 MEDIUM
Rapid7 Velociraptor - Path Traversal
Jan 18, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-0242 HIGH
Rapid7 Velociraptor - Privilege Escalation
Jan 18, 2023
CVSS 8.8
EPSS 0.00
CVE-2022-41727 MEDIUM
Go TIFF Decoder - Denial of Service via Malformed Image
Feb 28, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-41725 HIGH
Go net/http/mime - DoS
Feb 28, 2023
CVSS 7.5
EPSS 0.00
CVE-2022-41724 HIGH
TLS <1.3-1.2 - DoS
Feb 28, 2023
CVSS 7.5
EPSS 0.00
CVE-2022-41723 HIGH
HTTP/2 - Denial of Service
Feb 28, 2023
CVSS 7.5
EPSS 0.00
CVE-2022-41722 HIGH
filepath.Clean - Path Traversal
Feb 28, 2023
CVSS 7.5
EPSS 0.00
Products
go 169 velociraptor 7 crypto 6 net 6 http2 5 image 5 text 4 ssh 3 networking 2 tiff 2 glog 1 h2c 1 hpack 1 package_ssh 1 protobuf 1 vscode-go 1
Quick Filters
Critical CVEs With Exploits In CISA KEV