Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid
purl pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid
Next non-vulnerable version 1.25.9-1
Latest non-vulnerable version 1.25.9-1
Risk 4.0
Vulnerabilities affecting this package (9)
Vulnerability Summary Fixed by
VCID-245f-jhkn-w3ck
Aliases:
CVE-2026-32281
1.25.9-1
Affected by 0 other vulnerabilities.
VCID-91yp-p6st-8ucd
Aliases:
CVE-2026-32288
1.25.9-1
Affected by 0 other vulnerabilities.
VCID-ju53-xpej-3qca
Aliases:
CVE-2026-27140
1.25.9-1
Affected by 0 other vulnerabilities.
VCID-s176-xcrb-e3ea
Aliases:
CVE-2026-27143
1.25.9-1
Affected by 0 other vulnerabilities.
VCID-svbs-h3y5-wfbn
Aliases:
CVE-2026-32289
1.25.9-1
Affected by 0 other vulnerabilities.
VCID-t19m-gs1u-rbfp
Aliases:
CVE-2026-27144
1.25.9-1
Affected by 0 other vulnerabilities.
VCID-tf52-aa91-4kf3
Aliases:
CVE-2026-32280
1.25.9-1
Affected by 0 other vulnerabilities.
VCID-tmb1-tq9e-puhd
Aliases:
CVE-2026-32282
1.25.9-1
Affected by 0 other vulnerabilities.
VCID-vw1r-8zev-ykf4
Aliases:
CVE-2026-32283
1.25.9-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (26)
Vulnerability Summary Aliases
VCID-254d-pjst-c7hx golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http CVE-2025-58186
VCID-3nqb-6mna-jyb4 net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto CVE-2025-61724
VCID-5q9b-a7c4-1yht golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip CVE-2025-61728
VCID-6a6z-bq7m-c3gf crypto/x509: Panic in name constraint checking for malformed certificates in crypto/x509 CVE-2026-27138
VCID-7n3z-vwk2-3ydr crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509 CVE-2025-58188
VCID-8s5d-1byz-8fhz html/template: URLs in meta content attribute actions are not escaped in html/template CVE-2026-27142
VCID-9ky3-s2vk-cuge golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs CVE-2025-61727
VCID-br2f-7ux9-hkhg encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem CVE-2025-61723
VCID-bv1f-bee8-cbek net/mail: Excessive CPU consumption in ParseAddress in net/mail CVE-2025-61725
VCID-csmt-e61b-tued cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive CVE-2025-61731
VCID-czyb-wuf2-x7he os: FileInfo can escape from a Root in golang os module CVE-2026-27139
VCID-dp1t-v58b-43du crypto/tls: Unexpected session resumption in crypto/tls CVE-2025-68121
VCID-dtt9-gmqf-nbaf golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726
VCID-eyev-qpgs-hfbx cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy CVE-2025-61732
VCID-gtys-5r5h-p7ht CVE-2026-33810
VCID-hay4-q9m3-ekdj crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729
VCID-je6z-v5qw-ufew During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake. CVE-2025-61730
VCID-kjf2-r6zt-zqg9 net/http: CrossOriginProtection bypass in net/http CVE-2025-47910
VCID-mvsr-c2yh-mbdq golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183
VCID-pcez-y67t-8yg3 net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679
VCID-q9yj-ze4x-qyfr crypto/x509: Quadratic complexity when checking name constraints in crypto/x509 CVE-2025-58187
VCID-sb3w-x3yv-ffft net/url: Insufficient validation of bracketed IPv6 hostnames in net/url CVE-2025-47912
VCID-t2dr-6dz3-7qgt encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1 CVE-2025-58185
VCID-usyf-s559-pkgx crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information CVE-2025-58189
VCID-wchc-as62-1fae cmd/go: cmd/go: Local code execution and arbitrary file write via malicious module version strings CVE-2025-68119
VCID-x5ub-bfb7-nbbr crypto/x509: Incorrect enforcement of email constraints in crypto/x509 CVE-2026-27137

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T12:37:38.647738+00:00 Debian Importer Fixing VCID-usyf-s559-pkgx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:33:47.773924+00:00 Debian Importer Fixing VCID-csmt-e61b-tued https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:09:56.813401+00:00 Debian Importer Fixing VCID-kjf2-r6zt-zqg9 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:48:11.655775+00:00 Debian Importer Fixing VCID-254d-pjst-c7hx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:39:15.784713+00:00 Debian Importer Fixing VCID-mvsr-c2yh-mbdq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:15:56.533140+00:00 Debian Importer Fixing VCID-3nqb-6mna-jyb4 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:51:20.660963+00:00 Debian Importer Fixing VCID-dp1t-v58b-43du https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:38:50.466302+00:00 Debian Importer Fixing VCID-dtt9-gmqf-nbaf https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:37:57.233909+00:00 Debian Importer Fixing VCID-7n3z-vwk2-3ydr https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:37:38.390249+00:00 Debian Importer Fixing VCID-6a6z-bq7m-c3gf https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:28:34.677113+00:00 Debian Importer Fixing VCID-gtys-5r5h-p7ht https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:02:48.713138+00:00 Debian Importer Fixing VCID-br2f-7ux9-hkhg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:02:05.344687+00:00 Debian Importer Fixing VCID-czyb-wuf2-x7he https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:00:23.366687+00:00 Debian Importer Fixing VCID-5q9b-a7c4-1yht https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:59:07.324507+00:00 Debian Importer Fixing VCID-q9yj-ze4x-qyfr https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:53:43.624937+00:00 Debian Importer Fixing VCID-x5ub-bfb7-nbbr https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:49:19.377796+00:00 Debian Importer Fixing VCID-hay4-q9m3-ekdj https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:47:40.682670+00:00 Debian Importer Fixing VCID-wchc-as62-1fae https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:44:26.742146+00:00 Debian Importer Fixing VCID-eyev-qpgs-hfbx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:42:34.741559+00:00 Debian Importer Fixing VCID-9ky3-s2vk-cuge https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:37:50.876698+00:00 Debian Importer Fixing VCID-t2dr-6dz3-7qgt https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:26:35.357922+00:00 Debian Importer Fixing VCID-pcez-y67t-8yg3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:19:42.432375+00:00 Debian Importer Fixing VCID-sb3w-x3yv-ffft https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:01:44.019515+00:00 Debian Importer Fixing VCID-je6z-v5qw-ufew https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:58:02.065657+00:00 Debian Importer Fixing VCID-8s5d-1byz-8fhz https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:43:33.824037+00:00 Debian Importer Fixing VCID-bv1f-bee8-cbek https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T08:39:05.713772+00:00 Debian Importer Fixing VCID-usyf-s559-pkgx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:36:15.959510+00:00 Debian Importer Fixing VCID-csmt-e61b-tued https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:19:09.763358+00:00 Debian Importer Fixing VCID-kjf2-r6zt-zqg9 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:03:05.341661+00:00 Debian Importer Fixing VCID-254d-pjst-c7hx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:56:22.291658+00:00 Debian Importer Fixing VCID-mvsr-c2yh-mbdq https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:39:44.433633+00:00 Debian Importer Fixing VCID-3nqb-6mna-jyb4 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:21:04.266660+00:00 Debian Importer Fixing VCID-dp1t-v58b-43du https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:11:55.059362+00:00 Debian Importer Fixing VCID-dtt9-gmqf-nbaf https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:11:13.979423+00:00 Debian Importer Fixing VCID-7n3z-vwk2-3ydr https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:10:58.300572+00:00 Debian Importer Fixing VCID-6a6z-bq7m-c3gf https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:04:10.023298+00:00 Debian Importer Fixing VCID-gtys-5r5h-p7ht https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:44:22.115868+00:00 Debian Importer Fixing VCID-br2f-7ux9-hkhg https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:43:50.095364+00:00 Debian Importer Fixing VCID-czyb-wuf2-x7he https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:42:29.748909+00:00 Debian Importer Fixing VCID-5q9b-a7c4-1yht https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:41:27.563638+00:00 Debian Importer Fixing VCID-q9yj-ze4x-qyfr https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:37:13.865907+00:00 Debian Importer Fixing VCID-x5ub-bfb7-nbbr https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:33:47.251617+00:00 Debian Importer Fixing VCID-hay4-q9m3-ekdj https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:32:32.832525+00:00 Debian Importer Fixing VCID-wchc-as62-1fae https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:30:05.725144+00:00 Debian Importer Fixing VCID-eyev-qpgs-hfbx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:27:21.929140+00:00 Debian Importer Fixing VCID-9ky3-s2vk-cuge https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:24:36.940301+00:00 Debian Importer Fixing VCID-t2dr-6dz3-7qgt https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:18:05.252912+00:00 Debian Importer Fixing VCID-pcez-y67t-8yg3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:13:56.166839+00:00 Debian Importer Fixing VCID-sb3w-x3yv-ffft https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:03:13.069164+00:00 Debian Importer Fixing VCID-je6z-v5qw-ufew https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:00:55.273335+00:00 Debian Importer Fixing VCID-8s5d-1byz-8fhz https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:51:45.982336+00:00 Debian Importer Fixing VCID-bv1f-bee8-cbek https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-09T17:36:42.674928+00:00 Debian Importer Fixing VCID-gtys-5r5h-p7ht https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-09T17:36:42.654611+00:00 Debian Importer Affected by VCID-svbs-h3y5-wfbn https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-09T17:36:42.634242+00:00 Debian Importer Affected by VCID-91yp-p6st-8ucd https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-09T17:36:42.616317+00:00 Debian Importer Affected by VCID-vw1r-8zev-ykf4 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-09T17:36:42.598783+00:00 Debian Importer Affected by VCID-tmb1-tq9e-puhd https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-09T17:36:42.581594+00:00 Debian Importer Affected by VCID-245f-jhkn-w3ck https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-09T17:36:42.563908+00:00 Debian Importer Affected by VCID-tf52-aa91-4kf3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-09T17:36:42.546846+00:00 Debian Importer Affected by VCID-t19m-gs1u-rbfp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-09T17:36:42.529237+00:00 Debian Importer Affected by VCID-s176-xcrb-e3ea https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-09T17:36:42.491779+00:00 Debian Importer Affected by VCID-ju53-xpej-3qca https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.619170+00:00 Debian Importer Fixing VCID-8s5d-1byz-8fhz https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.605786+00:00 Debian Importer Fixing VCID-czyb-wuf2-x7he https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.585547+00:00 Debian Importer Fixing VCID-6a6z-bq7m-c3gf https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.563989+00:00 Debian Importer Fixing VCID-x5ub-bfb7-nbbr https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.550626+00:00 Debian Importer Fixing VCID-pcez-y67t-8yg3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.529306+00:00 Debian Importer Fixing VCID-dp1t-v58b-43du https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.505741+00:00 Debian Importer Fixing VCID-wchc-as62-1fae https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.482761+00:00 Debian Importer Fixing VCID-eyev-qpgs-hfbx https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.460863+00:00 Debian Importer Fixing VCID-csmt-e61b-tued https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.437451+00:00 Debian Importer Fixing VCID-je6z-v5qw-ufew https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.413513+00:00 Debian Importer Fixing VCID-hay4-q9m3-ekdj https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.390079+00:00 Debian Importer Fixing VCID-5q9b-a7c4-1yht https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.366467+00:00 Debian Importer Fixing VCID-9ky3-s2vk-cuge https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.341024+00:00 Debian Importer Fixing VCID-dtt9-gmqf-nbaf https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.318037+00:00 Debian Importer Fixing VCID-bv1f-bee8-cbek https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.297492+00:00 Debian Importer Fixing VCID-3nqb-6mna-jyb4 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.277159+00:00 Debian Importer Fixing VCID-br2f-7ux9-hkhg https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.257121+00:00 Debian Importer Fixing VCID-usyf-s559-pkgx https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.237063+00:00 Debian Importer Fixing VCID-7n3z-vwk2-3ydr https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.216655+00:00 Debian Importer Fixing VCID-q9yj-ze4x-qyfr https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.195773+00:00 Debian Importer Fixing VCID-254d-pjst-c7hx https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.175680+00:00 Debian Importer Fixing VCID-t2dr-6dz3-7qgt https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.155288+00:00 Debian Importer Fixing VCID-mvsr-c2yh-mbdq https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.134025+00:00 Debian Importer Fixing VCID-sb3w-x3yv-ffft https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:40.111561+00:00 Debian Importer Fixing VCID-kjf2-r6zt-zqg9 https://security-tracker.debian.org/tracker/data/json 38.1.0