VulnerableCode Package Details - pkg:deb/ubuntu/golang-1.13@1.13~rc2-1

Search for packages

Package details: pkg:deb/ubuntu/golang-1.13@1.13~rc2-1

Essentials
History (0)

purl	pkg:deb/ubuntu/golang-1.13@1.13~rc2-1

Next non-vulnerable version	1.13.7-1ubuntu1
Latest non-vulnerable version	1.13.7-1ubuntu1
Risk	4.0

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-4uqa-rypz-aaas Aliases: CVE-2019-17596	Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.	1.13.3-1ubuntu1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-chcx-jfyc-aaaf Aliases: CVE-2020-7919 GHSA-cjjc-xp8v-855w	Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate.	1.13.7-1ubuntu1 Affected by 0 other vulnerabilities.
VCID-kq1v-8r3r-aaaf Aliases: CVE-2019-16276	Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.	1.13.1-1ubuntu1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version