Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Go Number Of NVD 140 CRITICAL 16 HIGH 84 MEDIUM 38 LOW 2
URL https://golang.org/
Explanation It is a programming language developed by Google.
It has a simple syntax and can be coded by anyone to look the same.
It has been adopted by many companies because it is good at parallel processing and can perform well on multi-core systems.
Since it is cross-compatible, it can be run in a variety of environments including Windows, Linux, Mac, and Android.

As a result of prioritizing simplicity, there are some disadvantages such as the lack of exception handling (there are alternative functions), which is common in other languages.
This may be implemented in the future.

A major release is made about every 6 months.
If a critical bug or security issue is fixed during the major release, a minor release is made.

The last two major releases are supported and covered.
Since major releases are made about every six months, the major version a year ago will no longer be supported.
Tag
  • オープンソース
  • BSD License

Add Information URL
No Type Name URL
1 https://github.com/golang/go/wiki/Go-Release-Cycle
2 https://golang.org/doc/devel/release.html
3 https://github.com/golang/go/wiki/MinorReleases
4 https://golang.org/security
5 https://golang.org/doc/copyright.html

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
61 New!! Go 1.26 1.26.5 July 7, 2026 Feb. 10, 2026 0 10 8 1
62 go 1.21 1.21.13 Aug. 6, 2024 June 16, 2023 2 15 13 1
63 go 1.20 1.20.7 Aug. 1, 2023 Feb. 1, 2023 6 23 15 1
64 go 1.19 1.19.13 Sept. 6, 2023 Aug. 2, 2022 6 30 16 1
65 Go 1.18 1.18.10 Jan. 10, 2023 March 15, 2022 6 42 20 2
66 Go 1.17 1.17.13 Aug. 1, 2022 Aug. 16, 2021 8 48 21 2
67 Go 1.16 1.16.15 March 3, 2022 Feb. 16, 2021 8 54 28 2
68 Go 1.15 1.15.15 Aug. 4, 2021 Aug. 11, 2020 8 59 30 2
69 Go 1.14 1.14.15 Feb. 4, 2021 Feb. 25, 2020 8 59 32 2
70 Go 1.13 1.13.15 Aug. 6, 2020 Sept. 3, 2019 8 63 32 2
71 Go 1.12 1.12.17 Feb. 12, 2020 Feb. 25, 2019 10 64 32 2
72 go 1.9 1.9.7 11 67 33 2
73 go 1.8 1.8.7 11 67 34 2
74 go 1.7 1.7.6 11 70 34 2
75 go 1.6 1.6.4 11 72 34 2
76 go 1.5 1.5.4 11 73 34 2
77 go 1.4 1.4.3 14 71 34 2
78 go 1.3 1.3.3 14 71 35 2
79 go 1.2 1.20.7 Aug. 1, 2023 14 72 36 2
80 go 1.12 1.12.9 10 64 32 2
81 go 1.11 1.11.9 10 64 33 2
82 go 1.10 1.10.8 10 67 32 2
83 go 1.1 1.19.13 Sept. 6, 2023 14 73 36 2
84 go 1.0 1.0.3 15 71 34 2
85 go 0.0 0.0.0-20201203163018-be400aefbc4c 14 70 34 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
61 7.5
-
HIGH
Network
A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service. NVD-CWE-noinfo
CVE-2022-32189 cpe:2.3:a:golang:go:*:* 1.18.0


1.18.5
1.17.13
2024-11-21 16:05
2022-08-11
Show GitHub Exploit DB Packet Storm
62 6.5
-
MEDIUM
Network
Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for t… NVD-CWE-noinfo
CVE-2022-32148 cpe:2.3:a:golang:go:*:*
1.18.0


1.17.12
1.18.4
2024-11-21 16:05
2022-08-11
Show GitHub Exploit DB Packet Storm
63 7.5
-
HIGH
Network
Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structu… CWE-674
 Uncontrolled Recursion
CVE-2022-30635 cpe:2.3:a:golang:go:*:*
1.18.0


1.17.12
1.18.4
2024-11-21 16:03
2022-08-11
Show GitHub Exploit DB Packet Storm
64 7.5
-
HIGH
Network
Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct whic… CWE-674
 Uncontrolled Recursion
CVE-2022-30633 cpe:2.3:a:golang:go:*:*
1.18.0


1.17.12
1.18.4
2024-11-21 16:03
2022-08-11
Show GitHub Exploit DB Packet Storm
65 7.5
-
HIGH
Network
Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators. CWE-674
 Uncontrolled Recursion
CVE-2022-30632 cpe:2.3:a:golang:go:*:*
1.18.0


1.17.12
1.18.4
2024-11-21 16:03
2022-08-11
Show GitHub Exploit DB Packet Storm
66 7.5
-
HIGH
Network
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concaten… CWE-674
 Uncontrolled Recursion
CVE-2022-30631 cpe:2.3:a:golang:go:*:*
1.18.0


1.17.12
1.18.4
2024-11-21 16:03
2022-08-11
Show GitHub Exploit DB Packet Storm
67 7.5
-
HIGH
Network
Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators. CWE-674
 Uncontrolled Recursion
CVE-2022-30630 cpe:2.3:a:golang:go:*:*
1.18.0


1.17.12
1.18.4
2024-11-21 16:03
2022-08-11
Show GitHub Exploit DB Packet Storm
68 3.1
-
LOW
Network
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparin… CWE-330
 Use of Insufficiently Random Values
CVE-2022-30629 cpe:2.3:a:golang:go:*:* 1.18.0


1.18.3
1.17.11
2024-11-21 16:03
2022-08-11
Show GitHub Exploit DB Packet Storm
69 7.8
-
HIGH
Local
Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either "..com" or "..exe" by calling Cmd.Run, Cmd.Start, Cmd.Out… CWE-94
Code Injection
CVE-2022-30580 cpe:2.3:a:golang:go:*:* 1.18.0


1.18.3
1.17.11
2024-11-21 16:02
2022-08-11
Show GitHub Exploit DB Packet Storm
70 7.5
-
HIGH
Network
Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack. CWE-22
Path Traversal
CVE-2022-29804 cpe:2.3:a:golang:go:*:*
1.18.0


1.17.11
1.18.3
2024-11-21 15:59
2022-08-11
Show GitHub Exploit DB Packet Storm