GoLang Text
By the Year
In 2023 there have been 0 vulnerabilities in GoLang Text . Last year Text had 2 security vulnerabilities published. Right now, Text is on track to have less security vulnerabilities in 2023 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 0 | 0.00 |
2022 | 2 | 7.50 |
2021 | 1 | 7.50 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Text vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent GoLang Text Security Vulnerabilities
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing
CVE-2021-38561
7.5 - High
- December 26, 2022
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.
Out-of-bounds Read
An attacker may cause a denial of service by crafting an Accept-Language header
CVE-2022-32149
7.5 - High
- October 14, 2022
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.
Missing Release of Resource after Effective Lifetime
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag
CVE-2020-28852
7.5 - High
- January 02, 2021
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
out-of-bounds array index
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Canonical Ubuntu Linux or by GoLang? Click the Watch button to subscribe.
