Search CVE reports
1 – 10 of 88 results
[net/mail: excessive CPU consumption in ParseAddress]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[net/textproto: excessive CPU consumption in Reader.ReadResponse]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[encoding/pem: quadratic complexity when parsing some invalid inputs]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[crypto/tls: ALPN negotiation errors can contain arbitrary text]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[crypto/x509: panic when validating certificates with DSA public keys]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[crypto/x509: quadratic complexity when checking name constraints]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[net/http: lack of limit when parsing cookies can cause memory exhaustion]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[encoding/asn1: pre-allocating memory when parsing DER payload can cause memory exhaustion]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[archive/tar: unbounded allocation when parsing GNU sparse map]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[net/url: insufficient validation of bracketed IPv6 hostnames]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |