| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-45336 | Sensitive headers incorrectly sent after cross-domain redirect in net/http | Go standard library | net/http | 高危 | - | 2025-01-28 01:03:25 | Deep Dive |
| CVE-2025-22865 | ParsePKCS1PrivateKey panic with partial keys in crypto/x509 | Go standard library | crypto/x509 | 高危 | - | 2025-01-28 01:03:25 | Deep Dive |
| CVE-2024-45341 | Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509 | Go standard library | crypto/x509 | 中危 | - | 2025-01-28 01:03:24 | Deep Dive |
| CVE-2024-34155 | Stack exhaustion in all Parse functions in go/parser | Go standard library | go/parser | 中危 | - | 2024-09-06 20:42:43 | Deep Dive |
| CVE-2024-34156 | Stack exhaustion in Decoder.Decode in encoding/gob | Go standard library | encoding/gob | 高危 | - | 2024-09-06 20:42:43 | Deep Dive |
| CVE-2024-34158 | Stack exhaustion in Parse in go/build/constraint | Go standard library | go/build/constraint | 中危 | - | 2024-09-06 20:42:43 | Deep Dive |
| CVE-2024-24791 | Denial of service due to improper 100-continue handling in net/http | Go standard library | net/http | - | - | 2024-07-02 21:28:26 | Deep Dive |
| CVE-2024-24789 | Mishandling of corrupt central directory record in archive/zip | Go standard library | archive/zip | - | - | 2024-06-05 15:13:52 | Deep Dive |
| CVE-2024-24790 | Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip | Go standard library | net/netip | - | - | 2024-06-05 15:13:51 | Deep Dive |
| CVE-2024-24788 | Malformed DNS message can cause infinite loop in net | Go standard library | net | - | - | 2024-05-08 15:31:12 | Deep Dive |
| CVE-2023-45288 | HTTP/2 CONTINUATION flood in net/http | Go standard library | net/http | 高危 | - | 2024-04-04 20:37:31 | Deep Dive |
| CVE-2024-24785 | Errors returned from JSON marshaling may break template escaping in html/template | Go standard library | html/template | - | - | 2024-03-05 22:22:34 | Deep Dive |
| CVE-2024-24784 | Comments in display names are incorrectly handled in net/mail | Go standard library | net/mail | - | - | 2024-03-05 22:22:32 | Deep Dive |
| CVE-2023-45289 | Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http | Go standard library | net/http | - | - | 2024-03-05 22:22:30 | Deep Dive |
| CVE-2023-45290 | Memory exhaustion in multipart form parsing in net/textproto and net/http | Go standard library | net/textproto | - | - | 2024-03-05 22:22:29 | Deep Dive |
| CVE-2024-24783 | Verify panics on certificates with an unknown public key algorithm in crypto/x509 | Go standard library | crypto/x509 | - | - | 2024-03-05 22:22:27 | Deep Dive |
| CVE-2023-39326 | Denial of service via chunk extensions in net/http | Go standard library | net/http/internal | 中危 | - | 2023-12-06 16:27:54 | Deep Dive |
| CVE-2023-45287 | Before Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel | Go standard library | crypto/tls | 中危 | - | 2023-12-05 16:18:06 | Deep Dive |
| CVE-2023-45284 | Incorrect detection of reserved device names on Windows in path/filepath | Go standard library | path/filepath | 中危 | - | 2023-11-09 16:30:15 | Deep Dive |
| CVE-2023-45283 | Insecure parsing of Windows paths with a \??\ prefix in path/filepath | Go standard library | path/filepath | 中危 | - | 2023-11-09 16:30:12 | Deep Dive |