VulnerableCode Package Details - pkg:deb/debian/golang-1.15@1.15.15-1~deb11u2

Search for packages

Package details: pkg:deb/debian/golang-1.15@1.15.15-1~deb11u2

Essentials
History (47)

purl	pkg:deb/debian/golang-1.15@1.15.15-1~deb11u2

Next non-vulnerable version	1.15.15-1~deb11u4
Latest non-vulnerable version	1.15.15-1~deb11u4
Risk	4.5

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-ftng-xjpg-aaag Aliases: CVE-2022-23806	Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.	1.15.15-1~deb11u4 Affected by 0 other vulnerabilities.
VCID-hgur-mt73-aaah Aliases: CVE-2022-23772	Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.	1.15.15-1~deb11u4 Affected by 0 other vulnerabilities.
VCID-q8fq-1yrc-aaag Aliases: CVE-2022-24921	regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.	1.15.15-1~deb11u4 Affected by 0 other vulnerabilities.
VCID-xn43-hdj8-aaad Aliases: CVE-2022-23773	cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.	1.15.15-1~deb11u4 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (6)

Vulnerability	Summary	Aliases
VCID-66vz-z7v3-aaar	Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.	CVE-2021-44717
VCID-8ycp-22yk-aaap	Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.	CVE-2021-38297
VCID-ac31-1hfd-aaah	In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.	CVE-2021-39293
VCID-nk3v-tvmw-aaam	net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.	CVE-2021-44716 GHSA-vc3p-29h2-gpcp
VCID-nphv-er38-aaae	ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.	CVE-2021-41771
VCID-v537-bky8-aaak	Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.	CVE-2021-36221

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T19:19:35.546763+00:00	Debian Oval Importer	Fixing	VCID-ac31-1hfd-aaah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.3
2025-06-21T18:37:56.051680+00:00	Debian Oval Importer	Fixing	VCID-66vz-z7v3-aaar	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.3
2025-06-21T05:59:11.942793+00:00	Debian Oval Importer	Fixing	VCID-66vz-z7v3-aaar	None	36.1.3
2025-06-21T05:52:42.278640+00:00	Debian Oval Importer	Affected by	VCID-hgur-mt73-aaah	None	36.1.3
2025-06-21T05:51:15.540582+00:00	Debian Oval Importer	Affected by	VCID-q8fq-1yrc-aaag	None	36.1.3
2025-06-21T05:43:57.378758+00:00	Debian Oval Importer	Fixing	VCID-nk3v-tvmw-aaam	None	36.1.3
2025-06-21T05:42:55.597034+00:00	Debian Oval Importer	Fixing	VCID-nphv-er38-aaae	None	36.1.3
2025-06-21T05:38:06.756522+00:00	Debian Oval Importer	Fixing	VCID-8ycp-22yk-aaap	None	36.1.3
2025-06-21T04:29:23.316611+00:00	Debian Oval Importer	Fixing	VCID-ac31-1hfd-aaah	None	36.1.3
2025-06-21T02:14:47.129304+00:00	Debian Oval Importer	Affected by	VCID-xn43-hdj8-aaad	None	36.1.3
2025-06-21T02:09:53.767655+00:00	Debian Oval Importer	Fixing	VCID-v537-bky8-aaak	None	36.1.3
2025-06-21T02:07:39.914730+00:00	Debian Oval Importer	Affected by	VCID-ftng-xjpg-aaag	None	36.1.3
2025-06-08T13:05:29.165008+00:00	Debian Oval Importer	Affected by	VCID-xn43-hdj8-aaad	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T12:48:39.097529+00:00	Debian Oval Importer	Affected by	VCID-q8fq-1yrc-aaag	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T12:10:41.057875+00:00	Debian Oval Importer	Fixing	VCID-v537-bky8-aaak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T11:48:19.378235+00:00	Debian Oval Importer	Fixing	VCID-ac31-1hfd-aaah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T11:08:08.131721+00:00	Debian Oval Importer	Fixing	VCID-66vz-z7v3-aaar	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-07T23:37:48.952242+00:00	Debian Oval Importer	Fixing	VCID-66vz-z7v3-aaar	None	36.1.0
2025-06-07T23:31:16.561792+00:00	Debian Oval Importer	Affected by	VCID-hgur-mt73-aaah	None	36.1.0
2025-06-07T23:29:50.737611+00:00	Debian Oval Importer	Affected by	VCID-q8fq-1yrc-aaag	None	36.1.0
2025-06-07T23:22:13.533281+00:00	Debian Oval Importer	Fixing	VCID-nk3v-tvmw-aaam	None	36.1.0
2025-06-07T23:21:09.520568+00:00	Debian Oval Importer	Fixing	VCID-nphv-er38-aaae	None	36.1.0
2025-06-07T23:16:12.454101+00:00	Debian Oval Importer	Fixing	VCID-8ycp-22yk-aaap	None	36.1.0
2025-06-07T22:05:45.840290+00:00	Debian Oval Importer	Fixing	VCID-ac31-1hfd-aaah	None	36.1.0
2025-06-07T19:38:34.129730+00:00	Debian Oval Importer	Affected by	VCID-xn43-hdj8-aaad	None	36.1.0
2025-06-07T19:33:38.053680+00:00	Debian Oval Importer	Fixing	VCID-v537-bky8-aaak	None	36.1.0
2025-06-07T19:31:23.106098+00:00	Debian Oval Importer	Affected by	VCID-ftng-xjpg-aaag	None	36.1.0
2025-04-12T22:34:14.972953+00:00	Debian Oval Importer	Affected by	VCID-ftng-xjpg-aaag	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T22:13:00.922597+00:00	Debian Oval Importer	Affected by	VCID-hgur-mt73-aaah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T21:18:20.206547+00:00	Debian Oval Importer	Fixing	VCID-8ycp-22yk-aaap	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T20:50:40.093329+00:00	Debian Oval Importer	Fixing	VCID-nphv-er38-aaae	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T19:47:12.044526+00:00	Debian Oval Importer	Fixing	VCID-nk3v-tvmw-aaam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T18:53:00.822256+00:00	Debian Oval Importer	Affected by	VCID-xn43-hdj8-aaad	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T18:35:35.331977+00:00	Debian Oval Importer	Affected by	VCID-q8fq-1yrc-aaag	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T17:56:19.181617+00:00	Debian Oval Importer	Fixing	VCID-v537-bky8-aaak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T17:33:18.088711+00:00	Debian Oval Importer	Fixing	VCID-ac31-1hfd-aaah	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T16:51:33.048716+00:00	Debian Oval Importer	Fixing	VCID-66vz-z7v3-aaar	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-07T22:09:55.485432+00:00	Debian Oval Importer	Fixing	VCID-66vz-z7v3-aaar	None	36.0.0
2025-04-07T22:03:15.324599+00:00	Debian Oval Importer	Affected by	VCID-hgur-mt73-aaah	None	36.0.0
2025-04-07T22:01:46.450040+00:00	Debian Oval Importer	Affected by	VCID-q8fq-1yrc-aaag	None	36.0.0
2025-04-07T21:54:13.446512+00:00	Debian Oval Importer	Fixing	VCID-nk3v-tvmw-aaam	None	36.0.0
2025-04-07T21:53:06.492169+00:00	Debian Oval Importer	Fixing	VCID-nphv-er38-aaae	None	36.0.0
2025-04-07T21:48:10.017467+00:00	Debian Oval Importer	Fixing	VCID-8ycp-22yk-aaap	None	36.0.0
2025-04-07T20:37:01.725424+00:00	Debian Oval Importer	Fixing	VCID-ac31-1hfd-aaah	None	36.0.0
2025-04-07T18:16:17.605779+00:00	Debian Oval Importer	Affected by	VCID-xn43-hdj8-aaad	None	36.0.0
2025-04-07T18:11:18.903297+00:00	Debian Oval Importer	Fixing	VCID-v537-bky8-aaak	None	36.0.0
2025-04-07T18:09:03.437869+00:00	Debian Oval Importer	Affected by	VCID-ftng-xjpg-aaag	None	36.0.0