Labels

• cla: no
• cla: yes
• cve-year-2019-and-earlier
• cve-year-2020
• cve-year-2021
• cve-year-2022
• cve-year-2023
• cve-year-2024
• cve-year-2025
• dependencies

  Pull requests that update a dependency file
• Direct External Report
• duplicate
• excluded: DEPENDENT_VULNERABILITY

  This vulnerability is downstream of another existing vulnerability report.
• excluded: EFFECTIVELY_PRIVATE

  This vulnerability exists in a package can be imported, but isn't meant to be outside that module.
• excluded: LEGACY_FALSE_POSITIVE

  (DO NOT USE) Vulnerability marked as false positive before we introduced the triage process
• excluded: NOT_A_VULNERABILITY

  This is not a vulnerability.
• excluded: NOT_GO_CODE

  This vulnerability does not refer to a Go module.
• excluded: NOT_IMPORTABLE

  This vulnerability only exists in a binary and is not importable.
• excluded: OUT_OF_SCOPE

  This issue is out of scope for this issue tracker.
• excluded: WITHDRAWN

  The source report was withdrawn before we published it in vulndb.
• first party
• go

  Pull requests that update go code
• high priority
• needs-review
• NeedsAlias
• NeedsCVEID
• NeedsCVEMetadata
• NeedsCVERecord
• NeedsHiddenReason
• NeedsInvestigation