Vulnerabilities > Golang > GO > 1.11.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-17 | CVE-2020-14039 | Improper Certificate Validation vulnerability in multiple products In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). | 5.3 |
2019-09-30 | CVE-2019-16276 | HTTP Request Smuggling vulnerability in multiple products Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. | 7.5 |
2019-08-13 | CVE-2019-14809 | net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. | 9.8 |
2019-05-13 | CVE-2019-11888 | Improper Privilege Management vulnerability in Golang GO Go through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with a non-nil token, which allows attackers to obtain sensitive information or gain privileges. | 7.5 |
2019-03-08 | CVE-2019-9634 | Uncontrolled Search Path Element vulnerability in Golang GO Go through 1.12 on Windows misuses certain LoadLibrary functionality, leading to DLL injection. | 6.8 |