Vulnerabilities > Golang
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-08 | CVE-2023-24532 | Incorrect Calculation vulnerability in Golang GO The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). | 5.3 |
| 2023-02-28 | CVE-2022-41722 | Path Traversal vulnerability in Golang GO A path traversal vulnerability exists in filepath.Clean on Windows. | 7.5 |
| 2023-02-28 | CVE-2022-41723 | Resource Exhaustion vulnerability in Golang GO A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. | 7.5 |
| 2023-02-28 | CVE-2022-41724 | Resource Exhaustion vulnerability in Golang GO Large handshake records may cause panics in crypto/tls. | 7.5 |
| 2023-02-28 | CVE-2022-41725 | Resource Exhaustion vulnerability in Golang GO A denial of service is possible from excessive resource consumption in net/http and mime/multipart. | 7.5 |
| 2023-02-28 | CVE-2022-41727 | Resource Exhaustion vulnerability in Golang Image and Tiff An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. | 5.5 |
| 2023-01-13 | CVE-2022-41721 | HTTP Request Smuggling vulnerability in Golang H2C A request smuggling attack is possible when using MaxBytesHandler. | 7.5 |
| 2022-12-08 | CVE-2022-41717 | Allocation of Resources Without Limits or Throttling vulnerability in Golang GO An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. | 5.3 |
| 2022-12-07 | CVE-2022-41720 | Path Traversal vulnerability in Golang GO On Windows, restricted files can be accessed via os.DirFS and http.Dir. | 7.5 |
| 2022-11-02 | CVE-2022-41716 | Injection vulnerability in Golang GO Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. | 7.5 |