Go Package Vulnerabilities
All 1,264 Go modules with known CVEs, ranked by live CVE volume — 5,148 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 1,201.gitlab.com/uniget-org/cli1 CVE
- 1,202.goa.design/goa1 CVE
- 1,203.goa.design/goa/v31 CVE
- 1,204.go.elastic.co/apm1 CVE
- 1,205.go.etcd.io/etcd/client/v31 CVE
- 1,206.golang.org/x/crypto/ssh/agent1 CVE
- 1,207.golang.org/x/oauth21 CVE
- 1,208.go.mongodb.org/mongo-driver/v21 CVE
- 1,209.google.golang.org/grpc1 CVE
- 1,210.google.golang.org/protobuf/encoding/protojson1 CVE
- 1,211.google.golang.org/protobuf/internal/encoding/json1 CVE
- 1,212.go.opentelemetry.io/collector/config/configgrpc1 CVE
- 1,213.go.opentelemetry.io/collector/config/confighttp1 CVE
- 1,214.go.opentelemetry.io/contrib/instrumentation/github.com/astaxie/beego/otelbeego1 CVE
- 1,215.go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful1 CVE
- 1,216.go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin1 CVE
- 1,217.go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux1 CVE
- 1,218.go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho1 CVE
- 1,219.go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc1 CVE
- 1,220.go.opentelemetry.io/contrib/instrumentation/gopkg.in/macaron.v1/otelmacaron1 CVE
- 1,221.go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace1 CVE
- 1,222.go.opentelemetry.io/otel1 CVE
- 1,223.go.opentelemetry.io/otel/baggage1 CVE
- 1,224.go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp1 CVE
- 1,225.go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp1 CVE
- 1,226.go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp1 CVE
- 1,227.go.opentelemetry.io/otel/propagation1 CVE
- 1,228.go.opentelemetry.io/otel/schema/v1.01 CVE
- 1,229.go.opentelemetry.io/otel/schema/v1.11 CVE
- 1,230.go.pinniped.dev1 CVE
- 1,231.gopkg.in/go-jose/go-jose.v21 CVE
- 1,232.gopkg.in/macaron.v11 CVE
- 1,233.gopkg.in/square/go-jose.v21 CVE
- 1,234.gopkg.in/yaml.v31 CVE
- 1,235.go.qbee.io/transport1 CVE
- 1,236.go.senan.xyz/gonic1 CVE
- 1,237.go.temporal.io/api1 CVE
- 1,238.go.thethings.network/lorawan-stack1 CVE
- 1,239.go.thethings.network/lorawan-stack/v31 CVE
- 1,240.heckel.io/ntfy/v21 CVE
- 1,241.k8s.io/apiextensions-apiserver1 CVE
- 1,242.k8s.io/apimachinery1 CVE
- 1,243.k8s.io/apiserver1 CVE
- 1,244.k8s.io/kops1 CVE
- 1,245.k8s.io/kubernetes/cmd/kube-apiserver1 CVE
- 1,246.k8s.io/kubernetes/cmd/kubelet1 CVE
- 1,247.k8s.io/kubernetes/pkg/kubelet1 CVE
- 1,248.k8s.io/kube-state-metrics1 CVE
- 1,249.k8s.io/minikube1 CVE
- 1,250.k8s.io/mount-utils1 CVE
Which Go packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →