depscope
Packages
IntegrateAPI DocsCuratorBenchmarkCoverage
Sign inGet API access

Related on DepScope

Known bugs
42 non-CVE bugs →
More
  • All Go packages →
  • Breaking changes index →
  • Bug index →
  • AI hallucination corpus →
depscope/go/golang.org/x/net

golang.org/x/net

govv0.53.0

License BSD-3-Clausepermissive53 versions0 deps
golang/net
40
/ 100
Health
update required

golang.org/x/[email protected] has vulnerabilities — update to latest

Update to >= 0.1.1-0.20221104162952-702349b0e862 to fix known vulnerabilities

  • Moderate health score (40/100) — verify manually
  • 11 high severity vulnerabilities
Health breakdown0 – 100
25/25
maintenance
0/20
popularity
0/25
security
15/15
maturity
0/15
community
Vulnerabilities
24
11 high2 medium11 low
Advisories (24)
SeverityIDSummaryFixed in
highCVE-2018-17142golang.org/x/net/html NULL Pointer Dereference vulnerability0.0.0-20180925071336-cf3bd585ca2a
highCVE-2019-9512golang.org/x/net/http vulnerable to a reset flood0.0.0-20190813141303-74dc4d7220e7
highCVE-2018-17847golang.org/x/net/html has Improper Restriction of Operations within the Bounds of a Memory Buffer0.0.0-20190125002852-4b62a64f59f7
highCVE-2018-17075golang.org/x/net/html NULL Pointer Dereference vulnerability0.0.0-20180816102801-aaf60122140d
highBIT-golang-2022-27664golang.org/x/net/http2 Denial of Service vulnerability0.0.0-20220906165146-f3363e06e74c
highBIT-golang-2021-33194golang.org/x/net/html Infinite Loop vulnerability0.0.0-20210520170846-37e1c6afe023
highCVE-2018-17143golang.org/x/net/html has Improper Restriction of Operations within the Bounds of a Memory Buffer0.0.0-20180921000356-2f5d2388922f
highCVE-2022-41721golang.org/x/net/http2/h2c vulnerable to request smuggling attack0.1.1-0.20221104162952-702349b0e862
mediumBIT-golang-2021-31525golang.org/x/net/http/httpguts vulnerable to Uncontrolled Recursion0.0.0-20210428140749-89ef3d95e781
highCVE-2019-9512golang.org/x/net/http vulnerable to ping floods0.0.0-20190813141303-74dc4d7220e7
highCVE-2018-17847golang.org/x/net/html Improper Validation of Array Index vulnerability0.0.0-20190125002852-4b62a64f59f7
mediumBIT-apisix-2023-44487HTTP/2 Stream Cancellation Attack10.5.3
highCVE-2018-17846x/net/html Vulnerable to DoS During HTML Parsing0.0.0-20190125091013-d26f9f9a57f3
unknownCVE-2018-17846Infinite loop due to improper handling of "select" tags in golang.org/x/net/html0.0.0-20190125091013-d26f9f9a57f3
unknownCVE-2018-17075Panic when parsing malformed HTML in golang.org/x/net/html0.0.0-20180816102801-aaf60122140d
unknownBIT-golang-2021-33194Infinite loop when parsing inputs in golang.org/x/net/html0.0.0-20210520170846-37e1c6afe023
unknownCVE-2018-17142Incorrect parsing of nested templates in golang.org/x/net/html0.0.0-20180925071336-cf3bd585ca2a
unknownCVE-2018-17143Panic on unconsidered isindex and template combination in golang.org/x/net/html0.0.0-20180921000356-2f5d2388922f
unknownCVE-2018-17847Panic when parsing certain inputs in golang.org/x/net/html0.0.0-20190125002852-4b62a64f59f7
unknownBIT-golang-2021-31525Panic due to large headers in net/http and golang.org/x/net/http/httpguts0.0.0-20210428140749-89ef3d95e781
... and 4 more
Threat intelligence
3 likely exploited (EPSS ≥ 0.5)
Threat tier per vulnerability derived from CISA KEV catalog + FIRST.org EPSS scores.
Maintainer trust
Active maintainers (3m)
11
Contributors (12m)
15
Primary author dominance
53%
GitHub stars
2,994

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/go/golang.org/x/net

Last updated · 2026-04-09T19:17:33Z

DepScope

Package intelligence for AI agents. 19 ecosystems.

Resources
API DocumentationHallucination BenchmarkFor EnterpriseSwagger / OpenAPIPopular PackagesCoverageAI Plugin SetupWatch the pitch (60s)
Legal
Legal hubPrivacy PolicyTerms of ServiceCookie PolicyAcceptable UseAttributionDPASub-processorsSecurityImprintContact中文
© 2026 Cuttalo srl — Italy · VAT IT03242390734Built for AI agents