[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-1394":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":24,"downstream":25,"duplicates":98,"related":99,"reserved_at":9,"published_at":136,"modified_at":137,"state":138,"summary":139,"references_raw":148,"kevs":359,"epss":360,"epss_history":363,"metrics":618,"affected":628},"CVE-2024-1394","A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the \"return nil, nil, fail(...)\" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-401","Missing Release of Memory after Effective Lifetime","The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.","weakness","Draft","Variant","Medium",[],[],[22,23],"GHSA-78hx-gp6g-7mj6","GO-2024-2660",[],[26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96],{"_key":27},"RHSA-2024:1462",{"_key":29},"RHSA-2024:1468",{"_key":31},"RHSA-2024:1472",{"_key":33},"RHSA-2024:1501",{"_key":35},"RHSA-2024:1502",{"_key":37},"RHSA-2024:1561",{"_key":39},"RHSA-2024:1563",{"_key":41},"RHSA-2024:1566",{"_key":43},"RHSA-2024:1567",{"_key":45},"RHSA-2024:1574",{"_key":47},"RHSA-2024:1640",{"_key":49},"RHSA-2024:1644",{"_key":51},"RHSA-2024:1646",{"_key":53},"RHSA-2024:1763",{"_key":55},"RHSA-2024:1897",{"_key":57},"RHSA-2024:2562",{"_key":59},"RHSA-2024:2568",{"_key":61},"RHSA-2024:2569",{"_key":63},"RHSA-2024:2729",{"_key":65},"RHSA-2024:2730",{"_key":67},"RHSA-2024:2767",{"_key":69},"RHSA-2024:3265",{"_key":71},"RHSA-2024:3352",{"_key":73},"RHSA-2024:4146",{"_key":75},"RHSA-2024:4371",{"_key":77},"RHSA-2024:4378",{"_key":79},"RHSA-2024:4379",{"_key":81},"RHSA-2024:4502",{"_key":83},"RHSA-2024:4581",{"_key":85},"RHSA-2024:4672",{"_key":87},"RHSA-2024:4761",{"_key":89},"RHSA-2024:4762",{"_key":91},"RHSA-2024:5258",{"_key":93},"RHSA-2024:5634",{"_key":95},"RHSA-2024:7262",{"_key":97},"RHSA-2025:7118",[],[100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135],{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},{"_key":95},{"_key":97},"2024-03-21T12:16:38.790Z","2026-04-23T01:32:06.267Z","Deferred",{"cisa_kev":140,"cisa_ransomware":140,"cisa_vendor":9,"epss_severity":141,"epss_score":142,"severity":143,"severity_score":144,"severity_version":145,"severity_source":146,"severity_vector":147,"severity_status":138},false,"low",0.01379,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[149,158,162,166,170,174,178,182,186,190,194,198,202,206,210,214,218,222,226,230,234,238,242,246,250,254,258,262,266,270,274,278,282,286,290,294,298,302,306,310,315,320,325,329,333,337,341,346,351,355],{"url":150,"sources":151,"tags":154},"https://access.redhat.com/errata/RHSA-2024:1462",[146,152,153],"nvd","osv_go",[155,156,157],"Vendor Advisory","X Refsource REDHAT","WEB",{"url":159,"sources":160,"tags":161},"https://access.redhat.com/errata/RHSA-2024:1468",[146,152,153],[155,156,157],{"url":163,"sources":164,"tags":165},"https://access.redhat.com/errata/RHSA-2024:1472",[146,152,153],[155,156,157],{"url":167,"sources":168,"tags":169},"https://access.redhat.com/errata/RHSA-2024:1501",[146,152,153],[155,156,157],{"url":171,"sources":172,"tags":173},"https://access.redhat.com/errata/RHSA-2024:1502",[146,152,153],[155,156,157],{"url":175,"sources":176,"tags":177},"https://access.redhat.com/errata/RHSA-2024:1561",[146,152,153],[155,156,157],{"url":179,"sources":180,"tags":181},"https://access.redhat.com/errata/RHSA-2024:1563",[146,152,153],[155,156,157],{"url":183,"sources":184,"tags":185},"https://access.redhat.com/errata/RHSA-2024:1566",[146,152,153],[155,156,157],{"url":187,"sources":188,"tags":189},"https://access.redhat.com/errata/RHSA-2024:1567",[146,152,153],[155,156,157],{"url":191,"sources":192,"tags":193},"https://access.redhat.com/errata/RHSA-2024:1574",[146,152,153],[155,156,157],{"url":195,"sources":196,"tags":197},"https://access.redhat.com/errata/RHSA-2024:1640",[146,152,153],[155,156,157],{"url":199,"sources":200,"tags":201},"https://access.redhat.com/errata/RHSA-2024:1644",[146,152,153],[155,156,157],{"url":203,"sources":204,"tags":205},"https://access.redhat.com/errata/RHSA-2024:1646",[146,152,153],[155,156,157],{"url":207,"sources":208,"tags":209},"https://access.redhat.com/errata/RHSA-2024:1763",[146,152,153],[155,156,157],{"url":211,"sources":212,"tags":213},"https://access.redhat.com/errata/RHSA-2024:1897",[146,152,153],[155,156,157],{"url":215,"sources":216,"tags":217},"https://access.redhat.com/errata/RHSA-2024:2562",[146,152,153],[155,156,157],{"url":219,"sources":220,"tags":221},"https://access.redhat.com/errata/RHSA-2024:2568",[146,152,153],[155,156,157],{"url":223,"sources":224,"tags":225},"https://access.redhat.com/errata/RHSA-2024:2569",[146,152,153],[155,156,157],{"url":227,"sources":228,"tags":229},"https://access.redhat.com/errata/RHSA-2024:2729",[146,152,153],[155,156,157],{"url":231,"sources":232,"tags":233},"https://access.redhat.com/errata/RHSA-2024:2730",[146,152,153],[155,156,157],{"url":235,"sources":236,"tags":237},"https://access.redhat.com/errata/RHSA-2024:2767",[146,152,153],[155,156,157],{"url":239,"sources":240,"tags":241},"https://access.redhat.com/errata/RHSA-2024:3265",[146,152,153],[155,156,157],{"url":243,"sources":244,"tags":245},"https://access.redhat.com/errata/RHSA-2024:3352",[146,152,153],[155,156,157],{"url":247,"sources":248,"tags":249},"https://access.redhat.com/errata/RHSA-2024:4146",[146,152,153],[155,156,157],{"url":251,"sources":252,"tags":253},"https://access.redhat.com/errata/RHSA-2024:4371",[146,152,153],[155,156,157],{"url":255,"sources":256,"tags":257},"https://access.redhat.com/errata/RHSA-2024:4378",[146,152,153],[155,156,157],{"url":259,"sources":260,"tags":261},"https://access.redhat.com/errata/RHSA-2024:4379",[146,152,153],[155,156,157],{"url":263,"sources":264,"tags":265},"https://access.redhat.com/errata/RHSA-2024:4502",[146,152,153],[155,156,157],{"url":267,"sources":268,"tags":269},"https://access.redhat.com/errata/RHSA-2024:4581",[146,152,153],[155,156,157],{"url":271,"sources":272,"tags":273},"https://access.redhat.com/errata/RHSA-2024:4591",[146,152,153],[155,156,157],{"url":275,"sources":276,"tags":277},"https://access.redhat.com/errata/RHSA-2024:4672",[146,152,153],[155,156,157],{"url":279,"sources":280,"tags":281},"https://access.redhat.com/errata/RHSA-2024:4699",[146,152,153],[155,156,157],{"url":283,"sources":284,"tags":285},"https://access.redhat.com/errata/RHSA-2024:4761",[146,152,153],[155,156,157],{"url":287,"sources":288,"tags":289},"https://access.redhat.com/errata/RHSA-2024:4762",[146,152,153],[155,156,157],{"url":291,"sources":292,"tags":293},"https://access.redhat.com/errata/RHSA-2024:4960",[146,152,153],[155,156,157],{"url":295,"sources":296,"tags":297},"https://access.redhat.com/errata/RHSA-2024:5258",[146,152,153],[155,156,157],{"url":299,"sources":300,"tags":301},"https://access.redhat.com/errata/RHSA-2024:5634",[146,152,153],[155,156,157],{"url":303,"sources":304,"tags":305},"https://access.redhat.com/errata/RHSA-2024:7262",[146,152,153],[155,156,157],{"url":307,"sources":308,"tags":309},"https://access.redhat.com/errata/RHSA-2025:7118",[146,152],[155,156],{"url":311,"sources":312,"tags":313},"https://access.redhat.com/security/cve/CVE-2024-1394",[146,152,153],[314,156,157],"VDB Entry",{"url":316,"sources":317,"tags":318},"https://bugzilla.redhat.com/show_bug.cgi?id=2262921",[146,152,153],[319,156,157],"Issue Tracking",{"url":321,"sources":322,"tags":323},"https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136",[146,152,153],[157,324],"FIX",{"url":326,"sources":327,"tags":328},"https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6",[146,152,153],[157],{"url":330,"sources":331,"tags":332},"https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f",[146,152,153],[157,324],{"url":334,"sources":335,"tags":336},"https://pkg.go.dev/vuln/GO-2024-2660",[146,152,153],[157],{"url":338,"sources":339,"tags":340},"https://vuln.go.dev/ID/GO-2024-2660.json",[146,152,153],[157],{"url":342,"sources":343,"tags":344},"https://nvd.nist.gov/vuln/detail/CVE-2024-1394",[153],[345],"Advisory",{"url":347,"sources":348,"tags":349},"https://github.com/golang-fips/openssl",[153],[350],"PACKAGE",{"url":352,"sources":353,"tags":354},"https://github.com/golang-fips/openssl/releases/tag/v2.0.1",[153],[157],{"url":356,"sources":357,"tags":358},"https://github.com/microsoft/go-crypto-openssl/releases/tag/v0.2.9",[153],[157],[],{"date":361,"score":142,"percentile":362},"2026-06-04",0.80599,[364,368,370,373,376,379,382,385,387,390,393,396,399,401,404,408,411,414,417,419,421,424,427,429,432,435,438,441,444,447,450,452,455,458,461,463,466,469,472,475,478,481,484,487,490,493,496,499,502,504,506,508,511,514,517,520,522,525,528,531,534,537,540,543,545,548,551,554,557,559,562,565,568,571,574,576,579,582,584,587,590,593,596,599,601,603,606,609,612,615],{"date":365,"score":366,"percentile":367},"2025-11-04",0.01021,0.7653,{"date":369,"score":366,"percentile":367},"2025-11-05",{"date":371,"score":366,"percentile":372},"2025-11-06",0.76527,{"date":374,"score":366,"percentile":375},"2025-11-07",0.76542,{"date":377,"score":366,"percentile":378},"2025-11-08",0.76545,{"date":380,"score":366,"percentile":381},"2025-11-09",0.76541,{"date":383,"score":366,"percentile":384},"2025-11-10",0.76523,{"date":386,"score":366,"percentile":372},"2025-11-11",{"date":388,"score":366,"percentile":389},"2025-11-12",0.76546,{"date":391,"score":366,"percentile":392},"2025-11-13",0.76554,{"date":394,"score":366,"percentile":395},"2025-11-14",0.76561,{"date":397,"score":366,"percentile":398},"2025-11-15",0.76555,{"date":400,"score":366,"percentile":392},"2025-11-16",{"date":402,"score":366,"percentile":403},"2025-11-17",0.76543,{"date":405,"score":406,"percentile":407},"2025-11-18",0.02007,0.82229,{"date":409,"score":406,"percentile":410},"2025-11-19",0.82231,{"date":412,"score":406,"percentile":413},"2025-11-20",0.82235,{"date":415,"score":366,"percentile":416},"2025-11-21",0.76569,{"date":418,"score":366,"percentile":416},"2025-11-22",{"date":420,"score":366,"percentile":398},"2025-11-23",{"date":422,"score":366,"percentile":423},"2025-11-24",0.76557,{"date":425,"score":366,"percentile":426},"2025-11-25",0.76564,{"date":428,"score":366,"percentile":416},"2025-11-26",{"date":430,"score":366,"percentile":431},"2025-11-27",0.76572,{"date":433,"score":366,"percentile":434},"2025-11-28",0.7656,{"date":436,"score":366,"percentile":437},"2025-11-29",0.76567,{"date":439,"score":366,"percentile":440},"2025-11-30",0.76565,{"date":442,"score":366,"percentile":443},"2025-12-01",0.76682,{"date":445,"score":366,"percentile":446},"2025-12-02",0.76694,{"date":448,"score":366,"percentile":449},"2025-12-03",0.76684,{"date":451,"score":366,"percentile":426},"2025-12-04",{"date":453,"score":366,"percentile":454},"2025-12-05",0.76571,{"date":456,"score":366,"percentile":457},"2025-12-06",0.76573,{"date":459,"score":366,"percentile":460},"2025-12-07",0.76568,{"date":462,"score":366,"percentile":431},"2025-12-08",{"date":464,"score":366,"percentile":465},"2025-12-09",0.76597,{"date":467,"score":366,"percentile":468},"2025-12-10",0.76624,{"date":470,"score":366,"percentile":471},"2025-12-11",0.76639,{"date":473,"score":366,"percentile":474},"2025-12-12",0.76659,{"date":476,"score":366,"percentile":477},"2025-12-13",0.7666,{"date":479,"score":366,"percentile":480},"2025-12-14",0.76656,{"date":482,"score":366,"percentile":483},"2025-12-15",0.76651,{"date":485,"score":366,"percentile":486},"2025-12-16",0.76664,{"date":488,"score":366,"percentile":489},"2025-12-17",0.76676,{"date":491,"score":366,"percentile":492},"2025-12-18",0.76692,{"date":494,"score":366,"percentile":495},"2025-12-19",0.76704,{"date":497,"score":366,"percentile":498},"2025-12-20",0.76697,{"date":500,"score":366,"percentile":501},"2025-12-21",0.76691,{"date":503,"score":366,"percentile":449},"2025-12-22",{"date":505,"score":366,"percentile":449},"2025-12-23",{"date":507,"score":366,"percentile":498},"2025-12-24",{"date":509,"score":366,"percentile":510},"2025-12-25",0.76716,{"date":512,"score":366,"percentile":513},"2025-12-26",0.76714,{"date":515,"score":366,"percentile":516},"2025-12-27",0.76771,{"date":518,"score":366,"percentile":519},"2025-12-28",0.76699,{"date":521,"score":366,"percentile":446},"2025-12-29",{"date":523,"score":366,"percentile":524},"2025-12-30",0.76702,{"date":526,"score":366,"percentile":527},"2025-12-31",0.76724,{"date":529,"score":366,"percentile":530},"2026-01-01",0.76853,{"date":532,"score":366,"percentile":533},"2026-01-02",0.76855,{"date":535,"score":366,"percentile":536},"2026-01-03",0.76854,{"date":538,"score":366,"percentile":539},"2026-01-04",0.76732,{"date":541,"score":366,"percentile":542},"2026-01-05",0.76723,{"date":544,"score":366,"percentile":539},"2026-01-06",{"date":546,"score":366,"percentile":547},"2026-01-07",0.76741,{"date":549,"score":366,"percentile":550},"2026-01-08",0.76751,{"date":552,"score":366,"percentile":553},"2026-01-09",0.76758,{"date":555,"score":366,"percentile":556},"2026-01-10",0.76757,{"date":558,"score":366,"percentile":550},"2026-01-11",{"date":560,"score":366,"percentile":561},"2026-01-12",0.76734,{"date":563,"score":366,"percentile":564},"2026-01-13",0.76735,{"date":566,"score":366,"percentile":567},"2026-01-14",0.7676,{"date":569,"score":366,"percentile":570},"2026-01-15",0.76766,{"date":572,"score":366,"percentile":573},"2026-01-16",0.76775,{"date":575,"score":366,"percentile":573},"2026-01-17",{"date":577,"score":366,"percentile":578},"2026-01-18",0.76767,{"date":580,"score":366,"percentile":581},"2026-01-19",0.76764,{"date":583,"score":366,"percentile":581},"2026-01-20",{"date":585,"score":366,"percentile":586},"2026-01-21",0.76772,{"date":588,"score":366,"percentile":589},"2026-01-22",0.76776,{"date":591,"score":366,"percentile":592},"2026-01-23",0.76807,{"date":594,"score":366,"percentile":595},"2026-01-24",0.76817,{"date":597,"score":366,"percentile":598},"2026-01-25",0.76806,{"date":600,"score":366,"percentile":598},"2026-01-26",{"date":602,"score":366,"percentile":598},"2026-01-27",{"date":604,"score":366,"percentile":605},"2026-01-28",0.76815,{"date":607,"score":366,"percentile":608},"2026-01-29",0.76808,{"date":610,"score":366,"percentile":611},"2026-01-30",0.76813,{"date":613,"score":366,"percentile":614},"2026-01-31",0.7681,{"date":616,"score":366,"percentile":617},"2026-02-01",0.76925,[619,624,626],{"source":146,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":620,"cvss_v4_0":9},{"baseScore":144,"baseSeverity":621,"vectorString":147,"impactScore":622,"exploitabilityScore":623},"HIGH",6,10,{"source":152,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":625,"cvss_v4_0":9},{"baseScore":144,"baseSeverity":621,"vectorString":147,"impactScore":622,"exploitabilityScore":623},{"source":153,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":627,"cvss_v4_0":9},{"baseScore":144,"baseSeverity":9,"vectorString":147,"impactScore":622,"exploitabilityScore":623},[629,642,651,662],{"ecosystem":630,"name":631,"vendor":632,"product":633,"cpe_part":9,"purl_type":634,"purl_namespace":632,"purl_name":633,"source":9,"versions":635},"Go","github.com/golang-fips/go","github.com/golang-fips","go","golang",[636],{"version":637,"is_range":638,"range_type":639,"version_start":9,"version_start_type":9,"version_end":640,"version_end_type":641,"fixed_in":9},"lte1_22_1",true,"semver","1.22.1","including",{"ecosystem":630,"name":643,"vendor":644,"product":645,"cpe_part":9,"purl_type":634,"purl_namespace":644,"purl_name":645,"source":9,"versions":646},"github.com/golang-fips/openssl/v2","github.com/golang-fips/openssl","v2",[647],{"version":648,"is_range":638,"range_type":639,"version_start":9,"version_start_type":9,"version_end":649,"version_end_type":650,"fixed_in":9},"lt2_0_1","2.0.1","excluding",{"ecosystem":630,"name":652,"vendor":653,"product":654,"cpe_part":9,"purl_type":634,"purl_namespace":653,"purl_name":654,"source":9,"versions":655},"github.com/microsoft/go-crypto-openssl","github.com/microsoft","go-crypto-openssl",[656,659],{"version":657,"is_range":638,"range_type":639,"version_start":9,"version_start_type":9,"version_end":658,"version_end_type":641,"fixed_in":9},"lte0_2_8","0.2.8",{"version":660,"is_range":638,"range_type":639,"version_start":9,"version_start_type":9,"version_end":661,"version_end_type":650,"fixed_in":9},"lt0_2_9","0.2.9",{"ecosystem":630,"name":663,"vendor":652,"product":664,"cpe_part":9,"purl_type":634,"purl_namespace":652,"purl_name":664,"source":9,"versions":665},"github.com/microsoft/go-crypto-openssl/openssl","openssl",[666],{"version":660,"is_range":638,"range_type":639,"version_start":9,"version_start_type":9,"version_end":661,"version_end_type":650,"fixed_in":9}]