VulnerableCode Package Details - pkg:alpm/archlinux/go@1.24.3-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/go@1.24.3-1

Essentials
History (2)

purl	pkg:alpm/archlinux/go@1.24.3-1

Next non-vulnerable version	1.24.4-1
Latest non-vulnerable version	2:1.24.3-1
Risk	3.4

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-7ym3-nkc7-93dw Aliases: CVE-2025-4673	net/http: Sensitive headers not cleared on cross-origin redirect in net/http	1.24.4-1 Affected by 0 other vulnerabilities.
VCID-jsz8-cdt5-27f6 Aliases: CVE-2025-22874	crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509	1.24.4-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:26:23.474165+00:00	Arch Linux Importer	Affected by	VCID-jsz8-cdt5-27f6	https://security.archlinux.org/AVG-2896	38.0.0
2026-04-01T18:26:23.450528+00:00	Arch Linux Importer	Affected by	VCID-7ym3-nkc7-93dw	https://security.archlinux.org/AVG-2896	38.0.0