Vulnerabilities > Golang > Text > 0.3.4

DATE CVE VULNERABILITY TITLE RISK
2022-12-26 CVE-2021-38561 Out-of-bounds Read vulnerability in Golang Text
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing.
network
low complexity
golang CWE-125
7.5
7.5
2022-10-14 CVE-2022-32149 Missing Release of Resource after Effective Lifetime vulnerability in Golang Text
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
network
low complexity
golang CWE-772
7.5
7.5
2021-01-02 CVE-2020-28852 Improper Validation of Array Index vulnerability in Golang Text
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag.
network
low complexity
golang CWE-129
7.5
7.5