Vulnerabilities > Golang > GO > 1.19.9

DATE CVE VULNERABILITY TITLE RISK
2023-07-11 CVE-2023-29406 Interpretation Conflict vulnerability in Golang GO
The HTTP/1 client does not fully validate the contents of the Host header.
network
low complexity
golang CWE-436
6.5
6.5
2023-06-08 CVE-2023-29402 Code Injection vulnerability in multiple products
The go command may generate unexpected code at build time when using cgo.
network
low complexity
golang fedoraproject CWE-94
critical
 9.8
9.8
2023-06-08 CVE-2023-29403 Exposure of Resource to Wrong Sphere vulnerability in multiple products
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits.
local
low complexity
golang fedoraproject CWE-668
7.8
7.8
2023-06-08 CVE-2023-29404 Code Injection vulnerability in multiple products
The go command may execute arbitrary code at build time when using cgo.
network
low complexity
golang fedoraproject CWE-94
critical
 9.8
9.8
2023-06-08 CVE-2023-29405 Injection vulnerability in multiple products
The go command may execute arbitrary code at build time when using cgo.
network
low complexity
golang fedoraproject CWE-74
critical
 9.8
9.8