Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-202311-09
HistoryNov 25, 2023 - 12:00 a.m.

Go: Multiple Vulnerabilities

2023-11-2500:00:00
Gentoo Foundation
security.gentoo.org
13
go
programming language
vulnerabilities
upgrade
cve
resolution

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.72 High

EPSS

Percentile

98.0%

JSON

Background

Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.

Description

Multiple vulnerabilities have been discovered in Go. Please review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All Go users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-lang/go-1.20.10"
 # emerge --ask --oneshot --verbose @golang-rebuild
OSVersionArchitecturePackageVersionFilename
Gentooanyalldev-lang/go< 1.20.10UNKNOWN

Related

nessus 85
redhat 27
almalinux 11
osv 13
ibm 19
openvas 17
freebsd 2
oraclelinux 11
amazon 4
rocky 1
mageia 2
fedora 2
redos 2
altlinux 1
ubuntu 1
photon 1
nessus
nessus
GLSA-202311-09 : Go: Multiple Vulnerabilities
2023-11-27 00:00:00
RHEL 8 : Red Hat OpenStack Platform 16.2.5 (collectd-libpod-stats) (RHSA-2023:5964)
2024-04-28 00:00:00
RHCOS 4 : OpenShift Container Platform 4.14.2 (RHSA-2023:6840)
2024-01-24 00:00:00
redhat
redhat
(RHSA-2023:5964) Important: Red Hat OpenStack Platform 16.2.5 (collectd-libpod-stats) security update
2023-10-20 14:42:29
(RHSA-2023:6840) Important: OpenShift Container Platform 4.14.2 packages and security update
2023-11-15 04:30:20
(RHSA-2023:6085) Important: Red Hat OpenShift distributed tracing security update
2023-10-24 15:31:15
almalinux
almalinux
Moderate: container-tools:4.0 security update
2024-01-10 00:00:00
Moderate: buildah security update
2023-12-12 00:00:00
Moderate: podman security update
2023-12-12 00:00:00
osv
osv
Moderate: container-tools:4.0 security update
2024-01-10 00:00:00
Moderate: buildah security update
2023-12-12 00:00:00
Moderate: skopeo security update
2023-12-12 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Golang Go
2024-01-31 22:33:31
Security Bulletin: IBM Cloud Pak for Data Scheduling is vulnerable to multiple ansible-operator and opm vulnerabilities
2024-03-18 14:14:58
Security Bulletin: Multiple operator framework security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak
2023-06-29 15:09:39
openvas
openvas
openSUSE: Security Advisory for go1.21 (SUSE-SU-2023:3701-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for go1.21 (SUSE-SU-2023:4469-1)
2024-03-04 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-3331)
2023-12-12 00:00:00
freebsd
freebsd
go -- multiple vulnerabilities
2023-09-06 00:00:00
go -- multiple vulnerabilities
2023-04-04 00:00:00
oraclelinux
oraclelinux
container-tools:4.0 security update
2024-01-11 00:00:00
podman security update
2023-12-14 00:00:00
buildah security update
2023-12-14 00:00:00
amazon
amazon
Important: golang
2023-09-27 22:15:00
Important: golang
2023-10-16 13:45:00
Important: golang
2023-07-20 17:29:00
rocky
rocky
go-toolset and golang security update
2023-07-08 02:54:41
mageia
mageia
Updated golang packages fix security vulnerability
2023-07-07 08:54:45
Updated golang packages fix security vulnerability
2023-04-15 22:03:44
fedora
fedora
[SECURITY] Fedora 38 Update: golang-1.20.6-1.fc38
2023-07-21 02:27:24
[SECURITY] Fedora 37 Update: golang-1.19.12-1.fc37
2023-08-11 01:01:43
redos
redos
ROS-20231109-01
2023-11-09 00:00:00
ROS-20240418-06
2024-04-18 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package golang version 1.19.8-alt1
2023-04-10 00:00:00
ubuntu
ubuntu
Go vulnerabilities
2024-01-11 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2023-4.0-0484
2023-10-05 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.72 High

EPSS

Percentile

98.0%

JSON
Related for GLSA-202311-09
nessus85redhat27almalinux11osv13ibm19openvas17freebsd2oraclelinux11amazon4rocky1mageia2fedora2redos2altlinux1ubuntu1photon1