Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.9 views

PT-2026-26773

Name of the Vulnerable Software and Affected Versions goxmlsig versions prior to 1.6.0 goxmlsig versions prior to 1.22 when using older Go versions or go.mod versions Description The validateSignature function in validate.go has a loop variable capture issue in Go versions before 1.22, or when...

7.5CVSS5.9AI score0.00299EPSS
Exploits1References174
CVE
CVE
added 2026/02/09 6:4 p.m.9 views

CVE-2025-66630

Fiber is a Go web framework. Before 2.52.11 and on Go

9.4CVSS5.6AI score0.00471EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/10/05 9:15 p.m.6 views

AZL-52845 CVE-2023-39323 affecting package golang for versions less than 1.20.10-1

Line directives "//line" can be used to bypass the restrictions on "//go:cgo" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of...

8.1CVSS7.2AI score0.01762EPSS
Exploits0References1
OSV
OSV
added 2023/04/06 4:15 p.m.10 views

AZL-37411 CVE-2023-24538 affecting package golang for versions less than 1.21.6-1

Templates do not properly consider backticks as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to...

9.8CVSS6.8AI score0.02281EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/08/09 8:18 p.m.2 views

CVE-2022-1962 Stack exhaustion due to deeply nested types in go/parser

Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations...

5.8AI score0.00863EPSS
Exploits1References5
OSV
OSV
added 2022/06/23 5:15 p.m.8 views

AZL-33629 CVE-2022-29526 affecting package prometheus for versions less than 2.37.0-1

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...

5.3CVSS6.8AI score0.02593EPSS
Exploits1References1
Rows per page
Query Builder