Vulnerabilities > Golang > GO > 1.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-06 | CVE-2023-24537 | Integer Overflow or Wraparound vulnerability in Golang GO Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow. | 7.5 |
| 2023-04-06 | CVE-2023-24538 | Code Injection vulnerability in Golang GO Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. | 9.8 |
| 2023-04-06 | CVE-2023-24534 | Resource Exhaustion vulnerability in Golang GO HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. | 7.5 |
| 2023-04-06 | CVE-2023-24536 | Allocation of Resources Without Limits or Throttling vulnerability in Golang GO Multipart form parsing can consume large amounts of CPU and memory when processing form inputs containing very large numbers of parts. | 7.5 |
| 2023-03-08 | CVE-2023-24532 | Incorrect Calculation vulnerability in Golang GO The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). | 5.3 |
| 2023-02-28 | CVE-2022-41722 | Path Traversal vulnerability in Golang GO A path traversal vulnerability exists in filepath.Clean on Windows. | 7.5 |
| 2023-02-28 | CVE-2022-41723 | Unspecified vulnerability in Golang GO A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. | 7.5 |
| 2023-02-28 | CVE-2022-41724 | Resource Exhaustion vulnerability in Golang GO Large handshake records may cause panics in crypto/tls. | 7.5 |
| 2023-02-28 | CVE-2022-41725 | Allocation of Resources Without Limits or Throttling vulnerability in Golang GO A denial of service is possible from excessive resource consumption in net/http and mime/multipart. | 7.5 |
| 2022-12-08 | CVE-2022-41717 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. | 5.3 |