Go Package Vulnerabilities

All 1,264 Go modules with known CVEs, ranked by live CVE volume — 5,148 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 1,001.github.com/nyaruka/phonenumbers1 CVE
  2. 1,002.github.com/oam-dev/kubevela1 CVE
  3. 1,003.github.com/onosproject/onos-lib-go1 CVE
  4. 1,004.github.com/openark/orchestrator1 CVE
  5. 1,005.github.com/openbao/openbao-plugins1 CVE
  6. 1,006.github.com/openbao/openbao/sdk1 CVE
  7. 1,007.github.com/openbao/openbao/sdk/v21 CVE
  8. 1,008.github.com/openclarity/kubeclarity/backend1 CVE
  9. 1,009.github.com/opencloud-eu/reva1 CVE
  10. 1,010.github.com/opencloud-eu/reva/v21 CVE
  11. 1,011.github.com/opencontainers/distribution-spec1 CVE
  12. 1,012.github.com/opencontainers/umoci1 CVE
  13. 1,013.github.com/open-falcon/falcon-plus1 CVE
  14. 1,014.github.com/open-feature/open-feature-operator1 CVE
  15. 1,015.github.com/openflagr/flagr1 CVE
  16. 1,016.github.com/openkruise/kruise1 CVE
  17. 1,017.github.com/openmeterio/openmeter1 CVE
  18. 1,018.github.com/open-policy-agent/opa-envoy-plugin1 CVE
  19. 1,019.github.com/open-policy-agent/opa/server1 CVE
  20. 1,020.github.com/open-policy-agent/opa/v1/server1 CVE
  21. 1,021.github.com/openpubkey/openpubkey1 CVE
  22. 1,022.github.com/openpubkey/opkssh1 CVE
  23. 1,023.github.com/openshift/assisted-installer1 CVE
  24. 1,024.github.com/openshift/builder1 CVE
  25. 1,025.github.com/openshift/cluster-monitoring-operator1 CVE
  26. 1,026.github.com/openshift/must-gather1 CVE
  27. 1,027.github.com/openshift/openshift-apiserver1 CVE
  28. 1,028.github.com/openshift/openshift-controller-manager1 CVE
  29. 1,029.github.com/openshift/osin1 CVE
  30. 1,030.github.com/openshift/source-to-image1 CVE
  31. 1,031.github.com/openshift/telemeter1 CVE
  32. 1,032.github.com/open-telemetry/opentelemetry-collector-contrib/exporter/sentryexporter1 CVE
  33. 1,033.github.com/open-telemetry/opentelemetry-collector-contrib/extension/azureauthextension1 CVE
  34. 1,034.github.com/open-telemetry/opentelemetry-collector-contrib/extension/bearertokenauthextension1 CVE
  35. 1,035.github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver1 CVE
  36. 1,036.github.com/open-telemetry/opentelemetry-collector-contrib/receiver/githubreceiver1 CVE
  37. 1,037.github.com/open-telemetry/opentelemetry-operator1 CVE
  38. 1,038.github.com/operator-framework/operator-sdk1 CVE
  39. 1,039.github.com/orneryd/nornicdb1 CVE
  40. 1,040.github.com/ory/hydra/v21 CVE
  41. 1,041.github.com/ory/keto1 CVE
  42. 1,042.github.com/ossf/allstar1 CVE
  43. 1,043.github.com/ouqiang/gocron1 CVE
  44. 1,044.github.com/ovn-org/ovn-kubernetes1 CVE
  45. 1,045.github.com/oxyno-zeta/s3-proxy/cmd/s3-proxy1 CVE
  46. 1,046.github.com/pandatix/go-cvss1 CVE
  47. 1,047.github.com/pelicanplatform/pelican1 CVE
  48. 1,048.github.com/phires/go-guerrilla1 CVE
  49. 1,049.github.com/pilinux/gorest1 CVE
  50. 1,050.github.com/pion/dtls/v31 CVE

Which Go packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →