[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-14809":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":28,"duplicate_of":9,"upstream":30,"downstream":31,"duplicates":56,"related":57,"reserved_at":9,"published_at":66,"modified_at":67,"state":68,"summary":69,"references_raw":77,"kevs":163,"epss":164,"epss_history":167,"metrics":427,"affected":436},"CVE-2019-14809","net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],[19],{"_key":20,"name":21,"source":22,"url":23,"maturity":24,"reliability_score":25,"verified":26,"type":9,"platforms":27,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_GOLANG_GO","Go","github","https://github.com/golang/go/issues/27016","poc",0.3,false,[],[29],"GO-2022-0211",[],[32,34,36,38,40,42,44,46,48,50,52,54],{"_key":33},"UBUNTU-CVE-2019-14809",{"_key":35},"OPENSUSE-SU-2019:2000-1",{"_key":37},"OPENSUSE-SU-2019:2056-1",{"_key":39},"OPENSUSE-SU-2019:2072-1",{"_key":41},"OPENSUSE-SU-2019:2085-1",{"_key":43},"OPENSUSE-SU-2019:2130-1",{"_key":45},"OPENSUSE-SU-2024:10804-1",{"_key":47},"OPENSUSE-SU-2024:10805-1",{"_key":49},"RHEA-2019:4179",{"_key":51},"RHSA-2019:3433",{"_key":53},"DSA-4503-1",{"_key":55},"MGASA-2019-0251",[],[58,59,60,61,62,63,64,65],{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":55},"2019-08-13T20:54:24.000Z","2024-08-05T00:26:39.120Z","Modified",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":70,"epss_score":71,"severity":72,"severity_score":73,"severity_version":74,"severity_source":75,"severity_vector":76,"severity_status":68},"low",0.02534,"critical",9.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[78,84,89,96,102,108,113,117,121,126,130,134,138,143,149,153,158],{"url":79,"sources":80,"tags":82},"https://groups.google.com/forum/#%21topic/golang-announce/0uuMm1BwpHE",[81,75],"cve.org",[83],"X Refsource MISC",{"url":85,"sources":86,"tags":87},"https://groups.google.com/forum/#%21topic/golang-announce/65QixT3tcmg",[81,75],[88],"X Refsource CONFIRM",{"url":90,"sources":91,"tags":92},"https://github.com/golang/go/issues/29098",[81,75],[88,93,94,95],"Exploit","Patch","Third Party Advisory",{"url":97,"sources":98,"tags":99},"https://seclists.org/bugtraq/2019/Aug/31",[81,75],[100,101,95],"Mailing List","X Refsource BUGTRAQ",{"url":103,"sources":104,"tags":105},"https://www.debian.org/security/2019/dsa-4503",[81,75],[106,107,95],"Vendor Advisory","X Refsource DEBIAN",{"url":109,"sources":110,"tags":111},"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html",[81,75],[106,112],"X Refsource SUSE",{"url":114,"sources":115,"tags":116},"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html",[81,75],[106,112],{"url":118,"sources":119,"tags":120},"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html",[81,75],[106,112],{"url":122,"sources":123,"tags":124},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ/",[81,75],[106,125],"X Refsource FEDORA",{"url":127,"sources":128,"tags":129},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7/",[81,75],[106,125],{"url":131,"sources":132,"tags":133},"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html",[81,75],[106,112],{"url":135,"sources":136,"tags":137},"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html",[81,75],[106,112],{"url":139,"sources":140,"tags":141},"https://access.redhat.com/errata/RHSA-2019:3433",[81,75],[106,142],"X Refsource REDHAT",{"url":144,"sources":145,"tags":147},"https://go.dev/cl/189258",[146],"osv_go",[148],"FIX",{"url":150,"sources":151,"tags":152},"https://go.googlesource.com/go/+/61bb56ad63992a3199acc55b2537c8355ef887b6",[146],[148],{"url":154,"sources":155,"tags":156},"https://go.dev/issue/29098",[146],[157],"REPORT",{"url":159,"sources":160,"tags":161},"https://groups.google.com/g/golang-announce/c/65QixT3tcmg",[146],[162],"WEB",[],{"date":165,"score":71,"percentile":166},"2026-06-04",0.85722,[168,172,175,178,181,184,186,189,192,195,198,201,204,207,210,214,217,220,222,225,228,230,233,236,238,241,244,246,250,253,256,259,262,265,268,271,273,276,279,282,285,288,290,293,296,299,302,305,307,310,313,316,319,322,325,328,331,334,337,340,343,346,349,351,354,356,358,361,363,366,369,371,373,376,379,382,385,388,391,394,397,400,403,406,409,412,415,418,421,424],{"date":169,"score":170,"percentile":171},"2025-11-04",0.02582,0.85032,{"date":173,"score":170,"percentile":174},"2025-11-05",0.85037,{"date":176,"score":170,"percentile":177},"2025-11-06",0.85039,{"date":179,"score":170,"percentile":180},"2025-11-07",0.85046,{"date":182,"score":170,"percentile":183},"2025-11-08",0.85051,{"date":185,"score":170,"percentile":180},"2025-11-09",{"date":187,"score":170,"percentile":188},"2025-11-10",0.85038,{"date":190,"score":170,"percentile":191},"2025-11-11",0.85044,{"date":193,"score":170,"percentile":194},"2025-11-12",0.85055,{"date":196,"score":170,"percentile":197},"2025-11-13",0.85061,{"date":199,"score":170,"percentile":200},"2025-11-14",0.85063,{"date":202,"score":170,"percentile":203},"2025-11-15",0.85058,{"date":205,"score":170,"percentile":206},"2025-11-16",0.85057,{"date":208,"score":170,"percentile":209},"2025-11-17",0.85045,{"date":211,"score":212,"percentile":213},"2025-11-18",0.0955,0.92031,{"date":215,"score":212,"percentile":216},"2025-11-19",0.92034,{"date":218,"score":212,"percentile":219},"2025-11-20",0.92039,{"date":221,"score":170,"percentile":200},"2025-11-21",{"date":223,"score":170,"percentile":224},"2025-11-22",0.8506,{"date":226,"score":170,"percentile":227},"2025-11-23",0.8505,{"date":229,"score":170,"percentile":227},"2025-11-24",{"date":231,"score":170,"percentile":232},"2025-11-25",0.85052,{"date":234,"score":170,"percentile":235},"2025-11-26",0.85054,{"date":237,"score":170,"percentile":235},"2025-11-27",{"date":239,"score":170,"percentile":240},"2025-11-28",0.85036,{"date":242,"score":170,"percentile":243},"2025-11-29",0.85083,{"date":245,"score":170,"percentile":243},"2025-11-30",{"date":247,"score":248,"percentile":249},"2025-12-01",0.01779,0.82193,{"date":251,"score":248,"percentile":252},"2025-12-02",0.82195,{"date":254,"score":248,"percentile":255},"2025-12-03",0.82194,{"date":257,"score":170,"percentile":258},"2025-12-04",0.85086,{"date":260,"score":170,"percentile":261},"2025-12-05",0.85091,{"date":263,"score":170,"percentile":264},"2025-12-06",0.85087,{"date":266,"score":170,"percentile":267},"2025-12-07",0.85076,{"date":269,"score":170,"percentile":270},"2025-12-08",0.85075,{"date":272,"score":170,"percentile":243},"2025-12-09",{"date":274,"score":170,"percentile":275},"2025-12-10",0.85104,{"date":277,"score":170,"percentile":278},"2025-12-11",0.8511,{"date":280,"score":170,"percentile":281},"2025-12-12",0.85115,{"date":283,"score":170,"percentile":284},"2025-12-13",0.85111,{"date":286,"score":170,"percentile":287},"2025-12-14",0.85109,{"date":289,"score":170,"percentile":278},"2025-12-15",{"date":291,"score":170,"percentile":292},"2025-12-16",0.85117,{"date":294,"score":170,"percentile":295},"2025-12-17",0.85121,{"date":297,"score":170,"percentile":298},"2025-12-18",0.85125,{"date":300,"score":170,"percentile":301},"2025-12-19",0.85129,{"date":303,"score":170,"percentile":304},"2025-12-20",0.85122,{"date":306,"score":170,"percentile":298},"2025-12-21",{"date":308,"score":170,"percentile":309},"2025-12-22",0.85127,{"date":311,"score":170,"percentile":312},"2025-12-23",0.85133,{"date":314,"score":170,"percentile":315},"2025-12-24",0.85138,{"date":317,"score":170,"percentile":318},"2025-12-25",0.85155,{"date":320,"score":170,"percentile":321},"2025-12-26",0.85156,{"date":323,"score":170,"percentile":324},"2025-12-27",0.85207,{"date":326,"score":170,"percentile":327},"2025-12-28",0.85146,{"date":329,"score":170,"percentile":330},"2025-12-29",0.85142,{"date":332,"score":170,"percentile":333},"2025-12-30",0.85149,{"date":335,"score":170,"percentile":336},"2025-12-31",0.85158,{"date":338,"score":248,"percentile":339},"2026-01-01",0.82315,{"date":341,"score":248,"percentile":342},"2026-01-02",0.8231,{"date":344,"score":248,"percentile":345},"2026-01-03",0.82304,{"date":347,"score":170,"percentile":348},"2026-01-04",0.8515,{"date":350,"score":170,"percentile":330},"2026-01-05",{"date":352,"score":170,"percentile":353},"2026-01-06",0.85148,{"date":355,"score":170,"percentile":353},"2026-01-07",{"date":357,"score":170,"percentile":336},"2026-01-08",{"date":359,"score":170,"percentile":360},"2026-01-09",0.8516,{"date":362,"score":170,"percentile":321},"2026-01-10",{"date":364,"score":170,"percentile":365},"2026-01-11",0.85152,{"date":367,"score":170,"percentile":368},"2026-01-12",0.85147,{"date":370,"score":170,"percentile":330},"2026-01-13",{"date":372,"score":170,"percentile":360},"2026-01-14",{"date":374,"score":170,"percentile":375},"2026-01-15",0.85159,{"date":377,"score":170,"percentile":378},"2026-01-16",0.85165,{"date":380,"score":170,"percentile":381},"2026-01-17",0.85171,{"date":383,"score":170,"percentile":384},"2026-01-18",0.85166,{"date":386,"score":170,"percentile":387},"2026-01-19",0.85161,{"date":389,"score":170,"percentile":390},"2026-01-20",0.85163,{"date":392,"score":170,"percentile":393},"2026-01-21",0.85168,{"date":395,"score":170,"percentile":396},"2026-01-22",0.85172,{"date":398,"score":170,"percentile":399},"2026-01-23",0.85184,{"date":401,"score":170,"percentile":402},"2026-01-24",0.85195,{"date":404,"score":170,"percentile":405},"2026-01-25",0.8519,{"date":407,"score":170,"percentile":408},"2026-01-26",0.85189,{"date":410,"score":170,"percentile":411},"2026-01-27",0.85194,{"date":413,"score":170,"percentile":414},"2026-01-28",0.85199,{"date":416,"score":170,"percentile":417},"2026-01-29",0.85201,{"date":419,"score":170,"percentile":420},"2026-01-30",0.85203,{"date":422,"score":170,"percentile":423},"2026-01-31",0.85204,{"date":425,"score":248,"percentile":426},"2026-02-01",0.82362,[428],{"source":75,"cvss_v2_0":429,"cvss_v3_0":434,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":430,"baseSeverity":9,"vectorString":431,"impactScore":432,"exploitabilityScore":433},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":73,"baseSeverity":435,"vectorString":76,"impactScore":73,"exploitabilityScore":433},"CRITICAL",[437,446,461],{"ecosystem":9,"name":438,"vendor":439,"product":440,"cpe_part":441,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":442},"debian linux","debian","debian_linux","o",[443],{"version":444,"is_range":26,"range_type":445,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"ecosystem":9,"name":447,"vendor":448,"product":447,"cpe_part":449,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":450},"go","golang","a",[451,456],{"version":452,"is_range":453,"range_type":445,"version_start":9,"version_start_type":9,"version_end":454,"version_end_type":455,"fixed_in":9},"lt1.11.13",true,"1.11.13","excluding",{"version":457,"is_range":453,"range_type":445,"version_start":458,"version_start_type":459,"version_end":460,"version_end_type":455,"fixed_in":9},"gte1.12.0_lt1.12.8","1.12.0","including","1.12.8",{"ecosystem":21,"name":462,"vendor":21,"product":462,"cpe_part":9,"purl_type":448,"purl_namespace":9,"purl_name":462,"source":9,"versions":463},"stdlib",[464],{"version":465,"is_range":453,"range_type":466,"version_start":467,"version_start_type":459,"version_end":460,"version_end_type":455,"fixed_in":9},"gte1_12_0_0_lt1_12_8","semver","1.12.0-0"]