Synced 20 Jun 2026 01:50 UTC Account

Is Go 1.17.13 patched?

Google · cycle 1.17 · end of life · Official site ↗
1.17.130/100Critical · exploited

Current stable (1.26.4): 100/100

Minimum safe version1.25.10

1.17.13 has 51 open critical-or-high vulnerabilities. Run 1.25.10 or later to clear them. See what 1.25.10 fixes →

Health score0/100
Open issues80
Exploited now1
Cycle 1.17 EOL2022-08-02
Latest release1.26.4

Summary iPlain-English security status for Go 1.17.13, built from its CVEs, active-exploitation data, end-of-life date and latest release.

Go 1.17.13 is part of the 1.17 release line. 1 actively-exploited vulnerability affects it (CISA KEV). The minimum safe version is 1.25.10 — upgrade to it or later to clear the open critical/high issues. The 1.17 line reached end-of-life on 2022-08-02, so it no longer receives security patches. The latest supported Go release is 1.26.4.

Known issues affecting 1.17.13

Exploited first, then by exploitation probability.

CVE-2023-44487 HIGH exploited EPSS 100% → fixed in 1.21.3 CVE-2022-41717 MEDIUM EPSS 6% → fixed in 1.19.4 CVE-2022-41723 HIGH EPSS 5% → fixed in 1.19.6 CVE-2023-45283 HIGH EPSS 3% → fixed in 1.21.4 CVE-2022-27664 HIGH EPSS 3% → fixed in 1.18.6 CVE-2023-24538 CRITICAL EPSS 2% → fixed in 1.20.3 CVE-2024-24790 CRITICAL EPSS 2% → fixed in 1.22.4 CVE-2023-24534 HIGH EPSS 2% → fixed in 1.20.3 CVE-2023-29404 CRITICAL EPSS 2% → fixed in 1.20.5 CVE-2023-39323 HIGH EPSS 2% → fixed in 1.21.2 CVE-2023-29405 CRITICAL EPSS 2% → fixed in 1.20.5 CVE-2023-29402 CRITICAL EPSS 2% → fixed in 1.20.5 CVE-2022-41722 HIGH EPSS 2% → fixed in 1.19.6 CVE-2023-24540 CRITICAL EPSS 2% → fixed in 1.20.4 CVE-2022-2879 HIGH EPSS 2% → fixed in 1.19.2 CVE-2023-24536 HIGH EPSS 1% → fixed in 1.20.3 CVE-2023-24537 HIGH EPSS 1% → fixed in 1.20.3 CVE-2022-41715 HIGH EPSS 1% → fixed in 1.19.2 CVE-2023-29409 MEDIUM EPSS 1% → fixed in 1.20.7 CVE-2023-29406 MEDIUM EPSS 1% → fixed in 1.20.6

Other Go versions

Check another release line of Go.

Go 1.26.4Go 1.25.11Go 1.24.13Go 1.23.12Go 1.22.12Go 1.21.13Go 1.20.14Go 1.19.13Go 1.18.10Go 1.16.15Go 1.15.15Go 1.14.15Go 1.13.15Go 1.12.17Go 1.11.13Go 1.10.8

Frequently asked

Is Go 1.17.13 patched?

No — 1 actively-exploited vulnerability affects Go 1.17.13. Upgrade to at least 1.25.10.

What version should I upgrade Go 1.17.13 to?

Upgrade Go 1.17.13 to at least 1.25.10 to clear its 51 open critical-or-high vulnerabilities.

When does Go 1.17 reach end-of-life?

Go 1.17 reached end-of-life on 2022-08-02 and no longer receives security patches.

What is the latest version of Go?

The latest supported Go release is 1.26.4.

Is Go 1.17.13 still receiving security updates?

No — Go 1.17.13 is on the 1.17 line, which reached end-of-life on 2022-08-02 and no longer receives security updates. Upgrade to 1.26.4 or later to stay supported.

Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Google's official advisory before you patch or upgrade — Go official site ↗