Go standard library - CVE CyberSecurity Database News (Page 4)

Apr 6, 2023 XSS Exploit Go standard library

CVE-2023-24538 - How Improper Backtick Escaping in Go Templates Enables JavaScript Injection

CVE-2023-24538 is a security vulnerability that affects Go’s html/template and text/template packages. This issue arises because these templates did not properly handle

Mar 8, 2023 API Exploit Go standard library

CVE-2023-24532 - Inside Golang’s P256 ScalarMult and ScalarBaseMult Vulnerability

In March 2023, the Go programming language maintainers announced CVE-2023-24532: a cryptographic bug in the implementation of the NIST P-256 elliptic curve. If you’re

CVE-2022-41724 - Large TLS Handshake Records Cause Panics in Go crypto/tls – An Exclusive Exploit Breakdown

Feb 28, 2023 Go standard library

CVE-2022-41724 - Large TLS Handshake Records Cause Panics in Go crypto/tls – An Exclusive Exploit Breakdown

The security of internet connections often relies on how well TLS, the protocol for secure communications, is implemented. In 2022, a dangerous vulnerability was discovered

Feb 28, 2023 Exploit Google Go standard library

CVE-2022-41725 - Denial of Service via Unrestricted Resource Consumption in Go's net/http and mime/multipart

In November 2022, a security vulnerability known as CVE-2022-41725 was disclosed in Go’s standard library, specifically affecting the net/http and mime/multipart packages.