VulnerableCode Package Details - pkg:deb/debian/golang-1.19@1.19-1

Search for packages

Package details: pkg:deb/debian/golang-1.19@1.19-1

Essentials
History (0)

purl	pkg:deb/debian/golang-1.19@1.19-1
Tags	Ghost

Next non-vulnerable version	1.19.1-1~bpo11+1
Latest non-vulnerable version	1.19.12-2~bpo11+1
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-5hmn-pv5e-aaad Aliases: CVE-2022-32190	JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath("https://go.dev", "../go") returns the URL "https://go.dev/../go", despite the JoinPath documentation stating that ../ path elements are removed from the result.	1.19.1-1~bpo11+1 Affected by 0 other vulnerabilities.
VCID-xywa-ra13-aaaj Aliases: CVE-2022-27664 GHSA-69cg-p879-7622	In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.	1.19.1-1~bpo11+1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version