Go Vulnerability Database
Data about new vulnerabilities come directly from Go package maintainers or sources such as MITRE and GitHub. Reports are curated by the Go Security team. Learn more at go.dev/security/vuln.
Search
Recent Reports
- CVE-2025-20621, GHSA-w6xh-c82w-h997
- Affects: github.com/mattermost/mattermost-server, github.com/mattermost/mattermost-server/v5, and 2 more
- Published: Jan 17, 2025
- Unreviewed
Mattermost webapp crash via a crafted post in github.com/mattermost/mattermost-server
- CVE-2024-36403, GHSA-vc2m-hw89-qjxf
- Affects: github.com/t2bot/matrix-media-repo
- Published: Jan 16, 2025
- Unreviewed
matrix-media-repo (MMR) allows denial of service/high operating costs through unauthenticated downloads in github.com/t2bot/matrix-media-repo
- CVE-2024-56515, GHSA-rcxc-wjgw-579r
- Affects: github.com/t2bot/matrix-media-repo
- Published: Jan 16, 2025
- Unreviewed
Matrix Media Repo (MMR) allows untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders in github.com/t2bot/matrix-media-repo
- CVE-2024-52602, GHSA-r6jg-jfv6-2fjv
- Affects: github.com/t2bot/matrix-media-repo
- Published: Jan 16, 2025
- Unreviewed
Matrix Media Repo (MMR) allows Server-Side Request Forgery (SSRF) on redirects and federation in github.com/t2bot/matrix-media-repo
- CVE-2024-52791, GHSA-gp86-q8hg-fpxj
- Affects: github.com/t2bot/matrix-media-repo
- Published: Jan 16, 2025
- Unreviewed
matrix-media-repo (MMR) allows a denial of service through memory exhaustion in github.com/t2bot/matrix-media-repo
If you don't see an existing, public Go vulnerability in a publicly importable package in our database, please let us know.