Go Package Vulnerabilities

All 1,261 Go modules with known CVEs, ranked by live CVE volume — 5,112 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 401.github.com/docker/distribution2 CVEs
  2. 402.github.com/docker/mcp-gateway2 CVEs
  3. 403.github.com/dvsekhvalnov/jose2go2 CVEs
  4. 404.github.com/edgexfoundry/app-functions-sdk-go2 CVEs
  5. 405.github.com/edgexfoundry/app-functions-sdk-go/v22 CVEs
  6. 406.github.com/elastic/apm-server2 CVEs
  7. 407.github.com/etcd-io/etcd2 CVEs
  8. 408.github.com/expr-lang/expr2 CVEs
  9. 409.github.com/facebook/fbthrift2 CVEs
  10. 410.github.com/filecoin-project/go-f32 CVEs
  11. 411.github.com/flipped-aurora/gin-vue-admin/server2 CVEs
  12. 412.github.com/fluid-cloudnative/fluid2 CVEs
  13. 413.github.com/fluxcd/notification-controller2 CVEs
  14. 414.github.com/forceu/gokapi2 CVEs
  15. 415.github.com/free5gc/nrf2 CVEs
  16. 416.github.com/gardener/gardener2 CVEs
  17. 417.github.com/ginuerzh/gost2 CVEs
  18. 418.github.com/gitpod-io/gitpod2 CVEs
  19. 419.github.com/go-acme/lego2 CVEs
  20. 420.github.com/go-acme/lego/v32 CVEs
  21. 421.github.com/go-acme/lego/v42 CVEs
  22. 422.github.com/gofiber/fiber/v32 CVEs
  23. 423.github.com/go-git/go-billy/v52 CVEs
  24. 424.github.com/go-git/go-billy/v62 CVEs
  25. 425.github.com/go-jose/go-jose2 CVEs
  26. 426.github.com/golang-jwt/jwt/v42 CVEs
  27. 427.github.com/google/brotli2 CVEs
  28. 428.github.com/google/exposure-notifications-verification-server2 CVEs
  29. 429.github.com/google/osv-scalibr2 CVEs
  30. 430.github.com/gorilla/csrf2 CVEs
  31. 431.github.com/go-vela/worker2 CVEs
  32. 432.github.com/go-yaml/yaml2 CVEs
  33. 433.github.com/gphper/ginadmin2 CVEs
  34. 434.github.com/grafana/agent2 CVEs
  35. 435.github.com/grafana/tempo2 CVEs
  36. 436.github.com/grafana/tempo-operator2 CVEs
  37. 437.github.com/gravitational/teleport2 CVEs
  38. 438.github.com/gtsteffaniak/filebrowser2 CVEs
  39. 439.github.com/gtsteffaniak/filebrowser/backend2 CVEs
  40. 440.github.com/hashicorp/go-slug2 CVEs
  41. 441.github.com/hashicorp/terraform2 CVEs
  42. 442.github.com/influxdata/influxdb2 CVEs
  43. 443.github.com/iskorotkov/avro/v22 CVEs
  44. 444.github.com/jackc/pgproto3/v22 CVEs
  45. 445.github.com/jpillora/chisel2 CVEs
  46. 446.github.com/jumpserver/koko2 CVEs
  47. 447.github.com/justinas/nosurf2 CVEs
  48. 448.github.com/k3s-io/k3s2 CVEs
  49. 449.github.com/kata-containers/runtime2 CVEs
  50. 450.github.com/kcp-dev/kcp2 CVEs

Which Go packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →