Go standard library - CVE CyberSecurity Database News (Page 4)

Apr 6, 2023 API Go standard library

CVE-2023-24534 - How Small HTTP and MIME Headers Can Crash Big Servers

Many modern web servers and services rely on efficient, safe parsing of HTTP and MIME headers. But in early 2023, a subtle flaw was discovered:

Mar 8, 2023 API Exploit Go standard library

CVE-2023-24532 - Inside Golang’s P256 ScalarMult and ScalarBaseMult Vulnerability

In March 2023, the Go programming language maintainers announced CVE-2023-24532: a cryptographic bug in the implementation of the NIST P-256 elliptic curve. If you’re

Feb 28, 2023 Exploit Google Go standard library

CVE-2022-41725 - Denial of Service via Unrestricted Resource Consumption in Go's net/http and mime/multipart

In November 2022, a security vulnerability known as CVE-2022-41725 was disclosed in Go’s standard library, specifically affecting the net/http and mime/multipart packages.

CVE-2022-41724 - Large TLS Handshake Records Cause Panics in Go crypto/tls – An Exclusive Exploit Breakdown

Feb 28, 2023 Go standard library

CVE-2022-41724 - Large TLS Handshake Records Cause Panics in Go crypto/tls – An Exclusive Exploit Breakdown

The security of internet connections often relies on how well TLS, the protocol for secure communications, is implemented. In 2022, a dangerous vulnerability was discovered