Search for packages
| purl | pkg:deb/debian/golang-1.8@1.8.1-1 |
| Next non-vulnerable version | 1.8.1-1+deb9u1 |
| Latest non-vulnerable version | 1.8.1-1+deb9u1 |
| Risk | 4.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-59nw-22nv-aaam
Aliases: CVE-2018-6574 |
Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked. |
Affected by 0 other vulnerabilities. |
|
VCID-5jua-1sv6-aaah
Aliases: CVE-2018-7187 |
The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path (get/vcs.go only checks for "://" anywhere in the string), which allows remote attackers to execute arbitrary OS commands via a crafted web site. |
Affected by 0 other vulnerabilities. |
|
VCID-u6zq-xy5d-aaam
Aliases: CVE-2019-6486 |
Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T11:05:51.078073+00:00 | Debian Oval Importer | Affected by | VCID-59nw-22nv-aaam | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T10:48:30.506998+00:00 | Debian Oval Importer | Affected by | VCID-5jua-1sv6-aaah | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T10:27:31.456677+00:00 | Debian Oval Importer | Affected by | VCID-u6zq-xy5d-aaam | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-20T20:03:42.744357+00:00 | Debian Oval Importer | Affected by | VCID-59nw-22nv-aaam | None | 36.1.3 |
| 2025-06-08T04:35:20.444731+00:00 | Debian Oval Importer | Affected by | VCID-59nw-22nv-aaam | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T04:24:38.941409+00:00 | Debian Oval Importer | Affected by | VCID-5jua-1sv6-aaah | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T04:12:31.265207+00:00 | Debian Oval Importer | Affected by | VCID-u6zq-xy5d-aaam | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-07T13:51:17.852288+00:00 | Debian Oval Importer | Affected by | VCID-59nw-22nv-aaam | None | 36.1.0 |
| 2025-04-08T03:05:58.700596+00:00 | Debian Oval Importer | Affected by | VCID-59nw-22nv-aaam | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:54:34.155063+00:00 | Debian Oval Importer | Affected by | VCID-5jua-1sv6-aaah | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:41:37.017240+00:00 | Debian Oval Importer | Affected by | VCID-u6zq-xy5d-aaam | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-07T12:26:12.921723+00:00 | Debian Oval Importer | Affected by | VCID-59nw-22nv-aaam | None | 36.0.0 |