Package impact

Go / golang.org/x/net

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Flags	OS	Vendor	Published	Description
CVE-2023-44487	high	7.5	9.0				3y ago	HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).
CVE-2023-45288	high	—	8.0				2y ago	Important: golang security update
CVE-2023-39325	high	—	8.0				3y ago	Important: go-toolset and golang security and bug fix update
CVE-2019-9512	high	—	8.0				4y ago	Important: container-tools:rhel8 security and bug fix update
CVE-2019-9514	high	—	8.0				4y ago	Important: nodejs:10 security update
CVE-2021-44716	high	—	8.0				5y ago	Important: grafana security update
CVE-2026-33814	high	7.5	7.5				22d ago	When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
CVE-2026-25680	medium	6.5	6.5				7d ago	Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html
CVE-2026-42506	medium	6.1	6.1				7d ago	Invoking incorrect handling of namespaced elements in foreign content in golang.org/x/net/html
CVE-2026-42502	medium	6.1	6.1				7d ago	Invoking incorrect handling of HTML elements in foreign content in golang.org/x/net/html
CVE-2026-27136	medium	6.1	6.1				7d ago	Invoking duplicate attributes can cause XSS in golang.org/x/net/html
CVE-2026-25681	medium	6.1	6.1				7d ago	Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html
CVE-2023-3978	medium	—	5.5				3y ago	Moderate: podman security, bug fix, and enhancement update
CVE-2022-41723	medium	—	5.5				3y ago	Moderate: toolbox security and bug fix update
CVE-2022-41717	medium	—	5.5				3y ago	Moderate: git-lfs security and bug fix update
CVE-2022-27664	medium	—	5.5				3y ago	Moderate: git-lfs security and bug fix update
CVE-2021-31525	medium	—	5.5				4y ago	Moderate: go-toolset:rhel8 security, bug fix, and enhancement update