Search for packages
| purl | pkg:alpm/archlinux/go@2:1.15.6-1 |
| Next non-vulnerable version | 2:1.15.7-1 |
| Latest non-vulnerable version | 2:1.24.3-1 |
| Risk | 3.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-8dup-t5n7-aaas
Aliases: CVE-2021-3114 |
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field. |
Affected by 0 other vulnerabilities. |
|
VCID-npn5-x97a-aaad
Aliases: CVE-2021-3115 |
Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:46:45.705467+00:00 | Arch Linux Importer | Affected by | VCID-8dup-t5n7-aaas | https://security.archlinux.org/AVG-1481 | 36.0.0 |
| 2025-03-28T07:46:45.673163+00:00 | Arch Linux Importer | Affected by | VCID-npn5-x97a-aaad | https://security.archlinux.org/AVG-1481 | 36.0.0 |
| 2024-09-18T02:02:06.618283+00:00 | Arch Linux Importer | Affected by | VCID-8dup-t5n7-aaas | https://security.archlinux.org/AVG-1481 | 34.0.1 |
| 2024-09-18T02:02:06.589079+00:00 | Arch Linux Importer | Affected by | VCID-npn5-x97a-aaad | https://security.archlinux.org/AVG-1481 | 34.0.1 |
| 2024-01-03T22:28:09.095346+00:00 | Arch Linux Importer | Affected by | VCID-8dup-t5n7-aaas | https://security.archlinux.org/AVG-1481 | 34.0.0rc1 |
| 2024-01-03T22:28:09.071214+00:00 | Arch Linux Importer | Affected by | VCID-npn5-x97a-aaad | https://security.archlinux.org/AVG-1481 | 34.0.0rc1 |