Vulnerabilidades em Go standard library
111 resultadosCVE-2024-24784HIGHComments in display names are incorrectly handled in net/mailEPSS 1.0%CVE-2024-34158HIGHStack exhaustion in Parse in go/build/constraintEPSS 1.0%CVE-2023-24539HIGHImproper sanitization of CSS values in html/templateEPSS 1.0%CVE-2023-29400HIGHImproper handling of empty HTML attributes in html/templateEPSS 1.0%CVE-2024-24788MEDIUMMalformed DNS message can cause infinite loop in netEPSS 1.0%CVE-2023-45284MEDIUMIncorrect detection of reserved device names on Windows in path/filepathEPSS 0.9%CVE-2022-30629LOWSession tickets lack random ticket_age_add in crypto/tlsEPSS 0.9%CVE-2022-1962MEDIUMStack exhaustion due to deeply nested types in go/parserEPSS 0.9%CVE-2024-34155MEDIUMStack exhaustion in all Parse functions in go/parserEPSS 0.8%CVE-2023-24532—Incorrect calculation on P256 curves in crypto/internal/nistecEPSS 0.8%CVE-2023-39318—Improper handling of HTML-like comments in script contexts in html/templateEPSS 0.8%CVE-2024-24785MEDIUMErrors returned from JSON marshaling may break template escaping in html/templateEPSS 0.8%CVE-2023-39319—Improper handling of special tags within script contexts in html/templateEPSS 0.8%CVE-2022-41716MEDIUMUnsanitized NUL in environment variables on Windows in syscall and os/execEPSS 0.8%CVE-2025-68121CRITICALUnexpected session resumption in crypto/tlsEPSS 0.8%CVE-2025-61726HIGHMemory exhaustion in query parameter parsing in net/urlEPSS 0.8%CVE-2025-22871CRITICALRequest smuggling due to acceptance of invalid chunked data in net/httpEPSS 0.7%CVE-2024-24783MEDIUMVerify panics on certificates with an unknown public key algorithm in crypto/x509EPSS 0.7%CVE-2024-45336MEDIUMSensitive headers incorrectly sent after cross-domain redirect in net/httpEPSS 0.6%CVE-2025-61728MEDIUMExcessive CPU consumption when building archive index in archive/zipEPSS 0.6%