Search for packages
| purl | pkg:alpm/archlinux/go@2:1.16.3-1 |
| Next non-vulnerable version | 2:1.17-1 |
| Latest non-vulnerable version | 2:1.24.3-1 |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-mtfq-ngz6-aaad
Aliases: CVE-2021-31525 GHSA-h86h-8ppg-mxmh |
net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations. |
Affected by 4 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:47:04.169516+00:00 | Arch Linux Importer | Affected by | VCID-mtfq-ngz6-aaad | https://security.archlinux.org/AVG-1927 | 36.0.0 |
| 2024-09-18T02:02:27.362305+00:00 | Arch Linux Importer | Affected by | VCID-mtfq-ngz6-aaad | https://security.archlinux.org/AVG-1927 | 34.0.1 |
| 2024-01-03T22:28:28.348980+00:00 | Arch Linux Importer | Affected by | VCID-mtfq-ngz6-aaad | https://security.archlinux.org/AVG-1927 | 34.0.0rc1 |