Vulnerabilities > Golang > GO > 1.20.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-06 | CVE-2023-39326 | Unspecified vulnerability in Golang GO A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. | 5.3 |
| 2023-12-06 | CVE-2023-45285 | Unspecified vulnerability in Golang GO Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. | 7.5 |
| 2023-11-09 | CVE-2023-45283 | Path Traversal vulnerability in Golang GO The filepath package does not recognize paths with a \??\ prefix as special. | 7.5 |
| 2023-11-09 | CVE-2023-45284 | Unspecified vulnerability in Golang GO On Windows, The IsLocal function does not correctly detect reserved device names in some cases. | 5.3 |