Search for packages
| purl | pkg:alpm/archlinux/go@2:1.17-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-d4n1-h8n8-aaas | The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications. |
CVE-2020-29509
GHSA-xhqq-x44f-9fgg |
| VCID-gr8u-cwm1-aaan | The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications. |
CVE-2020-29511
|
| VCID-my95-nvxp-aaae | The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications. |
CVE-2020-29510
|
| VCID-pz2t-umsf-aaan | Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR. |
CVE-2021-29923
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:46:30.053420+00:00 | Arch Linux Importer | Fixing | VCID-d4n1-h8n8-aaas | https://security.archlinux.org/AVG-1357 | 36.0.0 |
| 2025-03-28T07:46:30.034573+00:00 | Arch Linux Importer | Fixing | VCID-my95-nvxp-aaae | https://security.archlinux.org/AVG-1357 | 36.0.0 |
| 2025-03-28T07:46:30.015661+00:00 | Arch Linux Importer | Fixing | VCID-gr8u-cwm1-aaan | https://security.archlinux.org/AVG-1357 | 36.0.0 |
| 2025-03-28T07:46:29.996648+00:00 | Arch Linux Importer | Fixing | VCID-pz2t-umsf-aaan | https://security.archlinux.org/AVG-1357 | 36.0.0 |
| 2024-09-18T02:01:47.362224+00:00 | Arch Linux Importer | Fixing | VCID-d4n1-h8n8-aaas | https://security.archlinux.org/AVG-1357 | 34.0.1 |
| 2024-09-18T02:01:47.337787+00:00 | Arch Linux Importer | Fixing | VCID-my95-nvxp-aaae | https://security.archlinux.org/AVG-1357 | 34.0.1 |
| 2024-09-18T02:01:47.313401+00:00 | Arch Linux Importer | Fixing | VCID-gr8u-cwm1-aaan | https://security.archlinux.org/AVG-1357 | 34.0.1 |
| 2024-09-18T02:01:47.291241+00:00 | Arch Linux Importer | Fixing | VCID-pz2t-umsf-aaan | https://security.archlinux.org/AVG-1357 | 34.0.1 |
| 2024-01-03T22:27:52.643113+00:00 | Arch Linux Importer | Fixing | VCID-d4n1-h8n8-aaas | https://security.archlinux.org/AVG-1357 | 34.0.0rc1 |
| 2024-01-03T22:27:52.620938+00:00 | Arch Linux Importer | Fixing | VCID-my95-nvxp-aaae | https://security.archlinux.org/AVG-1357 | 34.0.0rc1 |
| 2024-01-03T22:27:52.597249+00:00 | Arch Linux Importer | Fixing | VCID-gr8u-cwm1-aaan | https://security.archlinux.org/AVG-1357 | 34.0.0rc1 |
| 2024-01-03T22:27:52.572859+00:00 | Arch Linux Importer | Fixing | VCID-pz2t-umsf-aaan | https://security.archlinux.org/AVG-1357 | 34.0.0rc1 |