Vulnerabilities > Golang > GO > 1.19.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-08 | CVE-2023-39319 | Cross-site Scripting vulnerability in Golang GO The html/template package does not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. | 6.1 |
| 2023-08-02 | CVE-2023-29409 | Resource Exhaustion vulnerability in Golang GO Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. | 5.3 |
| 2023-07-11 | CVE-2023-29406 | Interpretation Conflict vulnerability in Golang GO The HTTP/1 client does not fully validate the contents of the Host header. | 6.5 |
| 2023-06-08 | CVE-2023-29402 | Code Injection vulnerability in multiple products The go command may generate unexpected code at build time when using cgo. | 9.8 |
| 2023-06-08 | CVE-2023-29403 | Exposure of Resource to Wrong Sphere vulnerability in multiple products On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. | 7.8 |
| 2023-06-08 | CVE-2023-29404 | Code Injection vulnerability in multiple products The go command may execute arbitrary code at build time when using cgo. | 9.8 |
| 2023-06-08 | CVE-2023-29405 | Injection vulnerability in multiple products The go command may execute arbitrary code at build time when using cgo. | 9.8 |