VulnerableCode Package Details - pkg:deb/ubuntu/golang-1.14@1.14~beta1-2

Search for packages

Package details: pkg:deb/ubuntu/golang-1.14@1.14~beta1-2

Essentials
History (0)

purl	pkg:deb/ubuntu/golang-1.14@1.14~beta1-2

Next non-vulnerable version	1.14.3-2ubuntu2~20.04.2
Latest non-vulnerable version	1.14.3-2ubuntu2~20.04.2
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-35cj-b5rn-aaar Aliases: CVE-2020-24553	Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.	1.14.3-2ubuntu2~20.04.2 Affected by 0 other vulnerabilities.
VCID-chcx-jfyc-aaaf Aliases: CVE-2020-7919 GHSA-cjjc-xp8v-855w	Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate.	1.14~rc1-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version