Filter
Software
Golang GoUnexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip
9.8
First published (updated )
Golang GoArbitrary code execution via go.mod toolchain directive in cmd/go
9.8
First published (updated )
Fedoraproject FedoraArbitrary code execution during build via line directives in cmd/go
9.8
First published (updated )
redhat/go-toolsetArbitrary code execution via the go command with cgo in cmd/go
9.8
First published (updated )
redhat/goArbitrary code execution in go command with cgo in cmd/go and cmd/cgo
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Golang GoBackticks not treated as string delimiters in html/template
9.8
First published (updated )
Golang GoImproper handling of JavaScript whitespace in html/template
9.8
First published (updated )
Golang GoGo before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domain…
9.8
First published (updated )
Golang GoThe encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics o…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Golang GoGo through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with …
9.8
First published (updated )
Redhat Enterprise Linux Server EusThe net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers…
9.8
First published (updated )
Redhat Enterprise Linux Server EusThe net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP head…
9.8
First published (updated )
Golang Gogolang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.g…
9.8
First published (updated )
Redhat OpenstackThe net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Golang GoThe encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute…
9.8
First published (updated )
Golang GoThe encoding/xml package in Go (all versions) does not correctly preserve the semantics of element n…
9.8
First published (updated )
IBM Cloud Pak for Business AutomationImproper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
9.8
First published (updated )
IBM Cloud Pak for Business AutomationImproper handling of non-optional LDFLAGS in go command with cgo in cmd/go
9.8
First published (updated )
IBM Cloud Pak for Business AutomationCode injection via go command with cgo in cmd/go
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Golang Gonet/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to…
9.8
First published (updated )
redhat/goCurve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly ret…
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Golang GoGo before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows a…
8.2
First published (updated )
Microsoft Windows 10Microsoft Windows CryptoAPI Spoofing Vulnerability
First published (updated )
Fedoraproject FedoraThe net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace…
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.