Vulnerabilities > Golang
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-06 | CVE-2023-24534 | Resource Exhaustion vulnerability in Golang GO HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. | 7.5 |
2023-04-06 | CVE-2023-24536 | Allocation of Resources Without Limits or Throttling vulnerability in Golang GO Multipart form parsing can consume large amounts of CPU and memory when processing form inputs containing very large numbers of parts. | 7.5 |
2023-03-08 | CVE-2023-24532 | Incorrect Calculation vulnerability in Golang GO The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). | 5.3 |
2023-02-28 | CVE-2022-41722 | Path Traversal vulnerability in Golang GO A path traversal vulnerability exists in filepath.Clean on Windows. | 7.5 |
2023-02-28 | CVE-2022-41723 | Unspecified vulnerability in Golang GO A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. | 7.5 |
2023-02-28 | CVE-2022-41724 | Resource Exhaustion vulnerability in Golang GO Large handshake records may cause panics in crypto/tls. | 7.5 |
2023-02-28 | CVE-2022-41725 | Allocation of Resources Without Limits or Throttling vulnerability in Golang GO A denial of service is possible from excessive resource consumption in net/http and mime/multipart. | 7.5 |
2023-02-28 | CVE-2022-41727 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. | 5.5 |
2023-01-13 | CVE-2022-41721 | HTTP Request Smuggling vulnerability in Golang H2C A request smuggling attack is possible when using MaxBytesHandler. | 7.5 |
2022-12-26 | CVE-2021-38561 | Out-of-bounds Read vulnerability in Golang Text golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. | 7.5 |