Filter
Versions
1.20.0
20
1.18.0
18
1.16.0
10
1.19.0
8
1.21.0
8
1.17.0
7
1.15
6
1.12
4
1.21.0-0
4
1.11.0
3
1.13
3
1.5
3
1.9
3
1.14.0
2
1.20.0-rc1
2
1.20.0-rc2
2
1.20.0-rc3
2
1.22.0
2
1.4.2
2
1.6
2
1.7
2
1.8.3
2
0.0.0-20200220183623-bac4c82f6975
1
1.0
1
1.0.2
1
1.1
1
1.1.1
1
1.1.2
1
1.10
1
1.10-beta1
1
1.10-beta2
1
1.10-rc1
1
1.11.1
1
1.12.0
1
1.12.5
1
1.14
1
1.15.0
1
1.15.12
1
1.15.4
1
1.16.4
1
1.17
1
1.19.0-beta1
1
1.19.0-rc1
1
1.19.0-rc2
1
1.2
1
1.2.1
1
1.2.2
1
1.21.0-rc1
1
1.21.0-rc2
1
1.21.0-rc3
1
1.3
1
1.3.1
1
1.5.1
1
1.5.2
1
1.7-rc1
1
1.8.6
1
1.9.1
1
1.9.2
1
1.9.3
1
redhat/golangUnexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip
9.8
First published (updated )
GoArbitrary code execution via go.mod toolchain directive in cmd/go
9.8
First published (updated )
Fedoraproject FedoraArbitrary code execution during build via line directives in cmd/go
9.8
First published (updated )
redhat/go-toolsetArbitrary code execution via the go command with cgo in cmd/go
9.8
First published (updated )
redhat/go-toolsetArbitrary code execution in go command with cgo in cmd/go and cmd/cgo
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/golangBackticks not treated as string delimiters in html/template
9.8
First published (updated )
redhat/golangImproper handling of JavaScript whitespace in html/template
9.8
First published (updated )
redhat/golangGo before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domain…
9.8
First published (updated )
GoThe encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics o…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GoGo through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with …
9.8
First published (updated )
redhat enterprise Linux server eusThe net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers…
9.8
First published (updated )
redhat enterprise Linux server eusThe net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP head…
9.8
First published (updated )
Gogolang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.g…
9.8
First published (updated )
redhat openstackThe net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GoThe encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute…
9.8
First published (updated )
GoThe encoding/xml package in Go (all versions) does not correctly preserve the semantics of element n…
9.8
First published (updated )
IBM Cloud Pak for Business AutomationImproper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
9.8
First published (updated )
IBM Cloud Pak for Business AutomationImproper handling of non-optional LDFLAGS in go command with cgo in cmd/go
9.8
First published (updated )
IBM Cloud Pak for Business AutomationCode injection via go command with cgo in cmd/go
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Gonet/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to…
9.8
First published (updated )
redhat/goCurve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly ret…
9.1
First published (updated )
GoGo before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows a…
8.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microsoft Windows 10Microsoft Windows CryptoAPI Spoofing Vulnerability
First published (updated )
redhat/GoThe net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace…
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.