Vulnerabilities > Golang
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-28 | CVE-2022-41727 | Resource Exhaustion vulnerability in Golang Image and Tiff An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. | 5.5 |
| 2023-01-13 | CVE-2022-41721 | HTTP Request Smuggling vulnerability in Golang H2C A request smuggling attack is possible when using MaxBytesHandler. | 7.5 |
| 2022-12-08 | CVE-2022-41717 | Allocation of Resources Without Limits or Throttling vulnerability in Golang GO An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. | 5.3 |
| 2022-12-07 | CVE-2022-41720 | Path Traversal vulnerability in Golang GO On Windows, restricted files can be accessed via os.DirFS and http.Dir. | 7.5 |
| 2022-11-02 | CVE-2022-41716 | Injection vulnerability in Golang GO Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. | 7.5 |
| 2022-10-14 | CVE-2022-41715 | Unspecified vulnerability in Golang GO Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. | 7.5 |
| 2022-10-14 | CVE-2022-2879 | Allocation of Resources Without Limits or Throttling vulnerability in Golang GO Reader.Read does not set a limit on the maximum size of file headers. | 7.5 |
| 2022-10-14 | CVE-2022-2880 | HTTP Request Smuggling vulnerability in Golang GO Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. | 7.5 |
| 2022-10-14 | CVE-2022-32149 | Missing Release of Resource after Effective Lifetime vulnerability in Golang Text An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse. | 7.5 |
| 2022-09-13 | CVE-2022-32190 | Path Traversal vulnerability in Golang GO JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. | 7.5 |