Information on source package golang-1.20

Available versions

ReleaseVersion
trixie1.20.12-1
sid1.20.12-1

Resolved issues

BugDescription
CVE-2023-45287Before Go 1.20, the RSA based TLS key exchanges used the math/big libr ...
CVE-2023-45285Using go get to fetch a module with the ".git" suffix may unexpectedly ...
CVE-2023-45284On Windows, The IsLocal function does not correctly detect reserved de ...
CVE-2023-45283The filepath package does not recognize paths with a \??\ prefix as sp ...
CVE-2023-39326A malicious HTTP sender can use chunk extensions to cause a receiver r ...
CVE-2023-39325A malicious HTTP/2 client which rapidly creates requests and immediate ...
CVE-2023-39323Line directives ("//line") can be used to bypass the restrictions on " ...
CVE-2023-39319The html/template package does not apply the proper rules for handling ...
CVE-2023-39318The html/template package does not properly handle HTML-like "" commen ...
CVE-2023-29409Extremely large RSA keys in certificate chains can cause a client/serv ...
CVE-2023-29406The HTTP/1 client does not fully validate the contents of the Host hea ...
CVE-2023-29405The go command may execute arbitrary code at build time when using cgo ...
CVE-2023-29404The go command may execute arbitrary code at build time when using cgo ...
CVE-2023-29403On Unix platforms, the Go runtime does not behave differently when a b ...
CVE-2023-29402The go command may generate unexpected code at build time when using c ...
CVE-2023-29400Templates containing actions in unquoted HTML attributes (e.g. "attr={ ...
CVE-2023-24540Not all valid JavaScript whitespace characters are considered to be wh ...
CVE-2023-24539Angle brackets (<>) are not considered dangerous characters when inser ...
CVE-2023-24538Templates do not properly consider backticks (`) as Javascript string ...
CVE-2023-24537Calling any of the Parse functions on Go source code which contains // ...
CVE-2023-24536Multipart form parsing can consume large amounts of CPU and memory whe ...
CVE-2023-24534HTTP and MIME header parsing can allocate large amounts of memory, eve ...
CVE-2023-24532The ScalarMult and ScalarBaseMult methods of the P256 Curve may return ...
CVE-2022-41725A denial of service is possible from excessive resource consumption in ...
CVE-2022-41724Large handshake records may cause panics in crypto/tls. Both clients a ...
CVE-2022-41723A maliciously crafted HTTP/2 stream could cause excessive CPU consumpt ...
CVE-2022-41722A path traversal vulnerability exists in filepath.Clean on Windows. On ...

Search for package or bug name: Reporting problems