CVE-2022-28327

🗓️ 20 Apr 2022 00:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 7 Media mentions👁 415 Views

CVE-2022-28327: P-256 feature in Go before 1.17.9 and 1.18.x allows panic via long scalar input

Reporter	Title	Published	Views	Family All 1656
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Go may affect IBM CICS TX Standard	24 Feb 202310:43	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Data is vulnerable to a variety of issues due to 3rd party software	27 Sep 202417:52	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak	25 Aug 202202:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Golang Go affect Cloud Pak System	21 Mar 202323:07	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for its use of Golang Go (CVE-2022-24921, CVE-2022-28327, CVE-2022-24675)	31 Jan 202315:21	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Golang Go and MinIO may affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift (CVE-2022-24842,CVE-2021-38561,CVE-2021-43565,CVE-2022-28327,CVE-2022-24675,CVE-2022-27536)	29 Jun 202222:44	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Golang Go, libxml2, curl, expat, libgcrypt and IBM WebSphere Application Server Liberty	9 Aug 202205:46	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability in GO affects IBM Cloud Automation Manager	25 Jul 202206:32	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities exists in IBM Netezza Performance Server for Cloud Pak for Data	7 Jan 202510:22	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities	5 Dec 202219:00	–	ibm

NVD

Node

golang goRange<1.17.9

golang goRange1.18.0–1.18.1

Node

fedoraproject extra_packages_for_enterprise_linuxMatch7.0

fedoraproject extra_packages_for_enterprise_linuxMatch8.0

fedoraproject fedoraMatch34

fedoraproject fedoraMatch35

fedoraproject fedoraMatch36

Source	Link
security	www.security.netapp.com/advisory/ntap-20220915-0010/
groups	www.groups.google.com/g/golang-announce/c/oecdBNLOml8
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NY6GEAJMNKKMU5H46QO4D7D6A24KSPXE/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/
security	www.security.gentoo.org/glsa/202208-02
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/

21 Nov 2024 06:57Current

9.4High risk

Vulners AI Score9.4

CVSS 25

CVSS 3.17.5

EPSS0.0018