Search for packages
| purl | pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1rsj-pm1p-qbd6 | Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. |
CVE-2022-2880
|
| VCID-3ypr-ppaw-kkf4 | Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. |
CVE-2022-2879
|
| VCID-498g-zap2-vqag | Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. |
CVE-2022-30635
|
| VCID-4ufj-v5z1-huec | Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. |
CVE-2023-24534
|
| VCID-5kkq-5jpf-fqev | Multiple vulnerabilities have been discovered in HashiCorp Consul, the worst of which could result in denial of service. |
CVE-2022-41717
GHSA-xrjj-mj9h-534m |
| VCID-6189-d1tw-bfcp | Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. |
CVE-2022-30630
|
| VCID-65mk-w8rx-zucs | Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. |
CVE-2022-32189
|
| VCID-6a6z-bq7m-c3gf | crypto/x509: Panic in name constraint checking for malformed certificates in crypto/x509 |
CVE-2026-27138
|
| VCID-6rkv-zkwa-mqhf | os: os: Information disclosure via path traversal using specially crafted filenames |
CVE-2025-22873
|
| VCID-6tuu-4j3g-37fh | Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavior to set a value for a different environment variable. For example, the environment variable string "A=B\x00C=D" sets the variables "A=B" and "C=D". |
CVE-2022-41716
|
| VCID-81aw-mk9s-eydd | Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. |
CVE-2022-32148
|
| VCID-86mk-kwg6-63h6 | Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. |
CVE-2022-30633
|
| VCID-as38-uuy9-5qhu | golang: go/parser: stack exhaustion in all Parse* functions |
CVE-2022-1962
|
| VCID-azr4-u36f-pbew | Multiple vulnerabilities have been discovered in Go, the worst of which could result in denial of service. |
CVE-2022-27664
GHSA-69cg-p879-7622 |
| VCID-b9yc-jqye-afan | Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. |
CVE-2023-24536
|
| VCID-e44x-a9xm-6ke9 | Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. |
CVE-2022-41724
|
| VCID-evjj-hwvm-fbca | Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. |
CVE-2023-24538
|
| VCID-g8y7-jdy7-afdh | Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. |
CVE-2022-30632
|
| VCID-gtys-5r5h-p7ht |
CVE-2026-33810
|
|
| VCID-h2xu-3fm4-hkap | On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a "#cgo LDFLAGS" directive. |
CVE-2024-24787
|
| VCID-h3bw-m2us-cbgz | Multiple vulnerabilities have been discovered in Go, the worst of which could result in denial of service. |
CVE-2022-32190
|
| VCID-jsz8-cdt5-27f6 | crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509 |
CVE-2025-22874
|
| VCID-kjf2-r6zt-zqg9 | net/http: CrossOriginProtection bypass in net/http |
CVE-2025-47910
|
| VCID-nwsd-53hk-ffhr | crypto/x509: ParsePKCS1PrivateKey panic with partial keys in crypto/x509 |
CVE-2025-22865
|
| VCID-pcez-y67t-8yg3 | net/url: Incorrect parsing of IPv6 host literals in net/url |
CVE-2026-25679
|
| VCID-ps89-8u5a-kfc8 | Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. |
CVE-2022-1705
|
| VCID-qemj-x1bx-h7gp | Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service. |
CVE-2024-24788
|
| VCID-rcxs-y7sb-pyb2 | golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results |
CVE-2023-24532
|
| VCID-rtb8-bayb-dfbn | Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. |
CVE-2022-41715
|
| VCID-sbxp-ce7p-23dm | golang: path/filepath: path-filepath filepath.Clean path traversal |
CVE-2022-41722
|
| VCID-sdd3-35ng-g7a3 | golang.org/x/net vulnerable to Uncontrolled Resource Consumption A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. |
CVE-2022-41723
GHSA-vvpx-j8f3-3w6h |
| VCID-vxks-1bkp-6bd5 | Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. |
CVE-2022-30631
|
| VCID-x5ub-bfb7-nbbr | crypto/x509: Incorrect enforcement of email constraints in crypto/x509 |
CVE-2026-27137
|
| VCID-xjm1-yec3-mkc6 | os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink. |
CVE-2025-0913
|
| VCID-yr11-kwf1-pqfz | Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. |
CVE-2023-24537
|
| VCID-ywda-6x6q-tud4 | golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows |
CVE-2022-41720
|
| VCID-zg2y-sb18-p3ah | Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. |
CVE-2022-41725
|