Vulnerabilidades em Go standard library
111 resultadosCVE-2023-45288HIGHHTTP/2 CONTINUATION flood in net/httpEPSS 92.0%CVE-2022-41717—Excessive memory growth in net/http and golang.org/x/net/http2EPSS 5.6%CVE-2022-41723HIGHDenial of service via crafted HTTP/2 stream in net/http and golang.org/x/netEPSS 4.6%CVE-2023-39325—HTTP/2 rapid reset can cause excessive work in net/httpEPSS 3.8%CVE-2023-45283—Insecure parsing of Windows paths with a \??\ prefix in path/filepathEPSS 2.8%CVE-2023-24538CRITICALBackticks not treated as string delimiters in html/templateEPSS 2.3%CVE-2022-32189—Panic when decoding Float and Rat types in math/bigEPSS 2.0%CVE-2024-24790CRITICALUnexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netipEPSS 2.0%CVE-2023-24534HIGHExcessive memory allocation in net/http and net/textprotoEPSS 1.9%CVE-2022-28131—Stack exhaustion from deeply nested XML documents in encoding/xmlEPSS 1.9%CVE-2022-29804—Path traversal via Clean on Windows in path/filepathEPSS 1.9%CVE-2022-41722—Path traversal on Windows in path/filepathEPSS 1.7%CVE-2022-30634—Indefinite hang with large buffers on Windows in crypto/randEPSS 1.6%CVE-2022-32190—Failure to strip relative path components in net/urlEPSS 1.6%CVE-2022-30630HIGHStack exhaustion in Glob on certain paths in io/fsEPSS 1.6%CVE-2022-30633HIGHStack exhaustion when unmarshaling certain documents in encoding/xmlEPSS 1.6%CVE-2022-30632—Stack exhaustion on crafted paths in path/filepathEPSS 1.6%CVE-2022-30631HIGHStack exhaustion when reading certain archives in compress/gzipEPSS 1.6%CVE-2023-24540CRITICALImproper handling of JavaScript whitespace in html/templateEPSS 1.5%CVE-2022-2879—Unbounded memory consumption when reading headers in archive/tarEPSS 1.5%