Vulnerabilities > Golang > GO > 1.21.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-05 | CVE-2024-24789 | Unspecified vulnerability in Golang GO The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. | 5.5 |
| 2024-06-05 | CVE-2024-24790 | Unspecified vulnerability in Golang GO The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. | 9.8 |
| 2023-12-06 | CVE-2023-39326 | Unspecified vulnerability in Golang GO A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. | 5.3 |
| 2023-12-06 | CVE-2023-45285 | Unspecified vulnerability in Golang GO Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. | 7.5 |
| 2023-11-09 | CVE-2023-45283 | Path Traversal vulnerability in Golang GO The filepath package does not recognize paths with a \??\ prefix as special. | 7.5 |
| 2023-11-09 | CVE-2023-45284 | Unspecified vulnerability in Golang GO On Windows, The IsLocal function does not correctly detect reserved device names in some cases. | 5.3 |