Search for packages
| purl | pkg:deb/debian/golang-golang-x-text@0.36.0-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-2dh6-y93r-2ucc | golang.org/x/text/language Out-of-bounds Read vulnerability golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack. |
CVE-2021-38561
GHSA-ppp9-7jff-5vj2 |
| VCID-6rzu-td8d-1ycn | Multiple vulnerabilities have been discovered in Gitea, the worst of which could lead to denial of service |
CVE-2022-32149
GHSA-69ch-w2m2-3vjp |
| VCID-hvfd-h9rm-jkbw | golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag |
CVE-2020-28852
|
| VCID-n82z-sfd6-x3af | golang.org/x/text Infinite loop Go version v0.3.3 of the x/text package fixes a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String. ### Specific Go Packages Affected golang.org/x/text/encoding/unicode golang.org/x/text/transform |
CVE-2020-14040
GHSA-5rcv-m4m3-hfh7 |
| VCID-r52s-2crw-tfbx | golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension |
CVE-2020-28851
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T11:03:27.490520+00:00 | Debian Importer | Fixing | VCID-n82z-sfd6-x3af | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T10:27:52.725676+00:00 | Debian Importer | Fixing | VCID-hvfd-h9rm-jkbw | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T10:07:24.195553+00:00 | Debian Importer | Fixing | VCID-r52s-2crw-tfbx | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-12T17:49:21.585610+00:00 | Debian Importer | Fixing | VCID-6rzu-td8d-1ycn | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-12T17:49:21.516624+00:00 | Debian Importer | Fixing | VCID-2dh6-y93r-2ucc | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-12T17:49:21.448112+00:00 | Debian Importer | Fixing | VCID-hvfd-h9rm-jkbw | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-12T17:49:21.384043+00:00 | Debian Importer | Fixing | VCID-r52s-2crw-tfbx | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-12T17:49:21.328610+00:00 | Debian Importer | Fixing | VCID-n82z-sfd6-x3af | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |