Synced 20 Jun 2026 01:50 UTC Account

Is Go 1.10.8 patched?

Google · cycle 1.10 · end of life · Official site ↗
1.10.80/100Critical · exploited

Current stable (1.26.4): 100/100

Minimum safe version1.25.10

1.10.8 has 90 open critical-or-high vulnerabilities. Run 1.25.10 or later to clear them. See what 1.25.10 fixes →

Health score0/100
Open issues133
Exploited now1
Cycle 1.10 EOL2019-02-25
Latest release1.26.4

Summary iPlain-English security status for Go 1.10.8, built from its CVEs, active-exploitation data, end-of-life date and latest release.

Go 1.10.8 is part of the 1.10 release line. 1 actively-exploited vulnerability affects it (CISA KEV). The minimum safe version is 1.25.10 — upgrade to it or later to clear the open critical/high issues. The 1.10 line reached end-of-life on 2019-02-25, so it no longer receives security patches. The latest supported Go release is 1.26.4.

Known issues affecting 1.10.8

Exploited first, then by exploitation probability.

CVE-2023-44487 HIGH exploited EPSS 100% → fixed in 1.21.3 CVE-2021-38297 CRITICAL EPSS 10% → fixed in 1.17.2 CVE-2019-14809 CRITICAL EPSS 8% → fixed in 1.12.8 CVE-2021-33194 HIGH EPSS 7% → see advisory CVE-2021-34558 MEDIUM EPSS 7% → fixed in 1.16.6 CVE-2021-39293 HIGH EPSS 7% → fixed in 1.17.1 CVE-2021-3115 HIGH EPSS 6% → fixed in 1.15.7 CVE-2022-41717 MEDIUM EPSS 6% → fixed in 1.19.4 CVE-2022-24675 HIGH EPSS 5% → fixed in 1.18.1 CVE-2019-16276 HIGH EPSS 5% → fixed in 1.13.1 CVE-2020-16845 HIGH EPSS 5% → fixed in 1.14.7 CVE-2022-41723 HIGH EPSS 5% → fixed in 1.19.6 CVE-2021-41771 HIGH EPSS 4% → fixed in 1.17.3 CVE-2021-44716 HIGH EPSS 4% → fixed in 1.17.5 CVE-2022-28327 HIGH EPSS 4% → fixed in 1.18.1 CVE-2020-28362 HIGH EPSS 4% → fixed in 1.15.5 CVE-2021-29923 HIGH EPSS 4% → fixed in 1.17 CVE-2021-31525 MEDIUM EPSS 4% → fixed in 1.16.4 CVE-2020-24553 MEDIUM EPSS 4% → fixed in 1.15.1 CVE-2021-33196 HIGH EPSS 3% → fixed in 1.16.5

Other Go versions

Check another release line of Go.

Go 1.26.4Go 1.25.11Go 1.24.13Go 1.23.12Go 1.22.12Go 1.21.13Go 1.20.14Go 1.19.13Go 1.18.10Go 1.17.13Go 1.16.15Go 1.15.15Go 1.14.15Go 1.13.15Go 1.12.17Go 1.11.13

Frequently asked

Is Go 1.10.8 patched?

No — 1 actively-exploited vulnerability affects Go 1.10.8. Upgrade to at least 1.25.10.

What version should I upgrade Go 1.10.8 to?

Upgrade Go 1.10.8 to at least 1.25.10 to clear its 90 open critical-or-high vulnerabilities.

When does Go 1.10 reach end-of-life?

Go 1.10 reached end-of-life on 2019-02-25 and no longer receives security patches.

What is the latest version of Go?

The latest supported Go release is 1.26.4.

Is Go 1.10.8 still receiving security updates?

No — Go 1.10.8 is on the 1.10 line, which reached end-of-life on 2019-02-25 and no longer receives security updates. Upgrade to 1.26.4 or later to stay supported.

Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Google's official advisory before you patch or upgrade — Go official site ↗