golang

207 tracked vulnerabilities.

CVE-2021-27919 MEDIUM
Go <1.16.1 - Denial of Service
Mar 11, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-27918 HIGH
Go <1.15.9, <1.16.1 - Infinite Loop
Mar 11, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-3115 HIGH
GO < 1.14.14 - Uncontrolled Search Path
Jan 26, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-3114 MEDIUM
Go <1.14.14, <1.15.7 - Info Disclosure
Jan 26, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-3121 HIGH
GoGo Protobuf < 1.3.2 - Denial of Service via Improper Array Index Validation
Jan 11, 2021
CVSS 8.6
EPSS 0.00
CVE-2020-28852 HIGH
golang/text < 0.3.5 - Denial of Service via BCP 47 Tag Parsing
Jan 02, 2021
CVSS 7.5
EPSS 0.00
CVE-2020-28851 HIGH
GO - Improper Array Index Validation
Jan 02, 2021
CVSS 7.5
EPSS 0.00
CVE-2020-29652 HIGH
golang.org/x/crypto/ssh <v0.0.0-20201203163018 - DoS
Dec 17, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-29511 CRITICAL
Go - Info Disclosure
Dec 14, 2020
CVSS 9.8
EPSS 0.00
CVE-2020-29510 CRITICAL
Go <1.15 - Code Injection
Dec 14, 2020
CVSS 9.8
EPSS 0.00
CVE-2020-29509 CRITICAL
Go - Info Disclosure
Dec 14, 2020
CVSS 9.8
EPSS 0.00
CVE-2020-28367 HIGH
GO < 1.14.12 - Code Injection
Nov 18, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-28366 HIGH
GO < 1.14.12 - Code Injection
Nov 18, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-28362 HIGH
GO < 1.14.12 - Improper Certificate Validation
Nov 18, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-24553 MEDIUM
Go <1.14.8, <1.15.1 - XSS
Sep 02, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-16845 HIGH
GO < 1.13.15 - Infinite Loop
Aug 06, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-15586 MEDIUM
GO < 1.13.13 - Race Condition
Jul 17, 2020
CVSS 5.9
EPSS 0.01
CVE-2020-14039 MEDIUM
GO < 1.13.13 - Improper Certificate Validation
Jul 17, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-14040 HIGH
golang/text < 0.3.3 - Denial of Service via UTF-16 Decoder Infinite Loop
Jun 17, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-7919 HIGH
Go <1.12.16, <1.13.7 - Info Disclosure
Mar 16, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-9283 HIGH
golang.org/x/crypto/ssh < 0.0.0-20200220183623-bac4c82f6975 - Denial of Service via Cryptographic Signature Verification
Feb 20, 2020
CVSS 7.5
EPSS 0.19
CVE-2020-0601 HIGH KEV
Windows 10 and Windows Server - Certificate Spoofing via ECC Certificate Validation
Jan 14, 2020
CVSS 8.1
EPSS 0.94
CVE-2019-17596 HIGH
GO < 1.12.11 - Interpretation Conflict
Oct 24, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-16276 HIGH
Go <1.12.10, <1.13.1 - Server-Side Request Forgery
Sep 30, 2019
CVSS 7.5
EPSS 0.10
CVE-2019-14809 CRITICAL
Go <1.11.13, 1.12.x <1.12.8 - Auth Bypass
Aug 13, 2019
CVSS 9.8
EPSS 0.03
Products
go 169 velociraptor 7 crypto 6 net 6 http2 5 image 5 text 4 ssh 3 networking 2 tiff 2 glog 1 h2c 1 hpack 1 package_ssh 1 protobuf 1 vscode-go 1
Quick Filters
Critical CVEs With Exploits In CISA KEV