Go Package Vulnerabilities
All 1,264 Go modules with known CVEs, ranked by live CVE volume — 5,148 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 1,001.github.com/nyaruka/phonenumbers1 CVE
- 1,002.github.com/oam-dev/kubevela1 CVE
- 1,003.github.com/onosproject/onos-lib-go1 CVE
- 1,004.github.com/openark/orchestrator1 CVE
- 1,005.github.com/openbao/openbao-plugins1 CVE
- 1,006.github.com/openbao/openbao/sdk1 CVE
- 1,007.github.com/openbao/openbao/sdk/v21 CVE
- 1,008.github.com/openclarity/kubeclarity/backend1 CVE
- 1,009.github.com/opencloud-eu/reva1 CVE
- 1,010.github.com/opencloud-eu/reva/v21 CVE
- 1,011.github.com/opencontainers/distribution-spec1 CVE
- 1,012.github.com/opencontainers/umoci1 CVE
- 1,013.github.com/open-falcon/falcon-plus1 CVE
- 1,014.github.com/open-feature/open-feature-operator1 CVE
- 1,015.github.com/openflagr/flagr1 CVE
- 1,016.github.com/openkruise/kruise1 CVE
- 1,017.github.com/openmeterio/openmeter1 CVE
- 1,018.github.com/open-policy-agent/opa-envoy-plugin1 CVE
- 1,019.github.com/open-policy-agent/opa/server1 CVE
- 1,020.github.com/open-policy-agent/opa/v1/server1 CVE
- 1,021.github.com/openpubkey/openpubkey1 CVE
- 1,022.github.com/openpubkey/opkssh1 CVE
- 1,023.github.com/openshift/assisted-installer1 CVE
- 1,024.github.com/openshift/builder1 CVE
- 1,025.github.com/openshift/cluster-monitoring-operator1 CVE
- 1,026.github.com/openshift/must-gather1 CVE
- 1,027.github.com/openshift/openshift-apiserver1 CVE
- 1,028.github.com/openshift/openshift-controller-manager1 CVE
- 1,029.github.com/openshift/osin1 CVE
- 1,030.github.com/openshift/source-to-image1 CVE
- 1,031.github.com/openshift/telemeter1 CVE
- 1,032.github.com/open-telemetry/opentelemetry-collector-contrib/exporter/sentryexporter1 CVE
- 1,033.github.com/open-telemetry/opentelemetry-collector-contrib/extension/azureauthextension1 CVE
- 1,034.github.com/open-telemetry/opentelemetry-collector-contrib/extension/bearertokenauthextension1 CVE
- 1,035.github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver1 CVE
- 1,036.github.com/open-telemetry/opentelemetry-collector-contrib/receiver/githubreceiver1 CVE
- 1,037.github.com/open-telemetry/opentelemetry-operator1 CVE
- 1,038.github.com/operator-framework/operator-sdk1 CVE
- 1,039.github.com/orneryd/nornicdb1 CVE
- 1,040.github.com/ory/hydra/v21 CVE
- 1,041.github.com/ory/keto1 CVE
- 1,042.github.com/ossf/allstar1 CVE
- 1,043.github.com/ouqiang/gocron1 CVE
- 1,044.github.com/ovn-org/ovn-kubernetes1 CVE
- 1,045.github.com/oxyno-zeta/s3-proxy/cmd/s3-proxy1 CVE
- 1,046.github.com/pandatix/go-cvss1 CVE
- 1,047.github.com/pelicanplatform/pelican1 CVE
- 1,048.github.com/phires/go-guerrilla1 CVE
- 1,049.github.com/pilinux/gorest1 CVE
- 1,050.github.com/pion/dtls/v31 CVE
Which Go packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →