Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/golang-golang-x-text@0.35.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-text@0.35.0-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-2dh6-y93r-2ucc golang.org/x/text/language Out-of-bounds Read vulnerability golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack. CVE-2021-38561
GHSA-ppp9-7jff-5vj2
VCID-6rzu-td8d-1ycn Multiple vulnerabilities have been discovered in Gitea, the worst of which could lead to denial of service CVE-2022-32149
GHSA-69ch-w2m2-3vjp
VCID-hvfd-h9rm-jkbw golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag CVE-2020-28852
VCID-n82z-sfd6-x3af golang.org/x/text Infinite loop Go version v0.3.3 of the x/text package fixes a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String. ### Specific Go Packages Affected golang.org/x/text/encoding/unicode golang.org/x/text/transform CVE-2020-14040
GHSA-5rcv-m4m3-hfh7
VCID-r52s-2crw-tfbx golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension CVE-2020-28851

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T10:27:52.719033+00:00 Debian Importer Fixing VCID-hvfd-h9rm-jkbw https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:25:22.161926+00:00 Debian Importer Fixing VCID-n82z-sfd6-x3af https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:57:31.569549+00:00 Debian Importer Fixing VCID-r52s-2crw-tfbx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-12T17:49:21.572635+00:00 Debian Importer Fixing VCID-6rzu-td8d-1ycn https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-12T17:49:21.505121+00:00 Debian Importer Fixing VCID-2dh6-y93r-2ucc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-12T17:49:21.438129+00:00 Debian Importer Fixing VCID-hvfd-h9rm-jkbw https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-12T17:49:21.317920+00:00 Debian Importer Fixing VCID-n82z-sfd6-x3af https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:00:38.791455+00:00 Debian Importer Fixing VCID-r52s-2crw-tfbx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:25:47.578805+00:00 Debian Importer Fixing VCID-6rzu-td8d-1ycn https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:47.525920+00:00 Debian Importer Fixing VCID-2dh6-y93r-2ucc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:47.480015+00:00 Debian Importer Fixing VCID-hvfd-h9rm-jkbw https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:47.430174+00:00 Debian Importer Fixing VCID-r52s-2crw-tfbx https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:25:47.388370+00:00 Debian Importer Fixing VCID-n82z-sfd6-x3af https://security-tracker.debian.org/tracker/data/json 38.1.0