Lucene search
Copyright (C) 2021 Greenbone AGOPENVAS:13614125623114202127871HistoryAug 20, 2021 - 12:00 a.m.
SUSE: Security Advisory (SUSE-SU-2021:2787-1)
2021-08-2000:00:00
Copyright (C) 2021 Greenbone AG
plugins.openvas.org
4
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2021 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.4.2021.2787.1");
script_cve_id("CVE-2021-36221");
script_tag(name:"creation_date", value:"2021-08-20 14:52:30 +0000 (Fri, 20 Aug 2021)");
script_version("2024-02-02T14:37:50+0000");
script_tag(name:"last_modification", value:"2024-02-02 14:37:50 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2021-08-19 15:03:08 +0000 (Thu, 19 Aug 2021)");
script_name("SUSE: Security Advisory (SUSE-SU-2021:2787-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2021 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES15\.0SP2|SLES15\.0SP3|SLES15\.0SP1)");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2021:2787-1");
script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2021/suse-su-20212787-1/");
script_tag(name:"summary", value:"The remote host is missing an update for the 'go1.15' package(s) announced via the SUSE-SU-2021:2787-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for go1.15 fixes the following issues:
Update to go1.15.15:
go#47473 net/http: panic due to racy read of persistConn after handler
panic (CVE-2021-36221 bsc#1189162)
go#47347 cmd/go: 'go list -f '{{.Stale}}'' stack overflow with cyclic
imports
go#47014 cmd/go: go mod vendor: open C:\Users\LICENSE: Access is denied.
go#46927 cmd/compile: register conflict between external linker and
duffzero on arm64
go#46857 runtime: ppc64x binaries randomly segfault on linux 5.13rc6");
script_tag(name:"affected", value:"'go1.15' package(s) on SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, SUSE Linux Enterprise High Performance Computing 15-SP1, SUSE Linux Enterprise Module for Development Tools 15-SP2, SUSE Linux Enterprise Module for Development Tools 15-SP3, SUSE Linux Enterprise Server 15-SP1, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 4.0.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLES15.0SP2") {
if(!isnull(res = isrpmvuln(pkg:"go1.15", rpm:"go1.15~1.15.15~1.39.1", rls:"SLES15.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"go1.15-doc", rpm:"go1.15-doc~1.15.15~1.39.1", rls:"SLES15.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"go1.15-race", rpm:"go1.15-race~1.15.15~1.39.1", rls:"SLES15.0SP2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES15.0SP3") {
if(!isnull(res = isrpmvuln(pkg:"go1.15", rpm:"go1.15~1.15.15~1.39.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"go1.15-doc", rpm:"go1.15-doc~1.15.15~1.39.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"go1.15-race", rpm:"go1.15-race~1.15.15~1.39.1", rls:"SLES15.0SP3"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES15.0SP1") {
if(!isnull(res = isrpmvuln(pkg:"go1.15", rpm:"go1.15~1.15.15~1.39.1", rls:"SLES15.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"go1.15-doc", rpm:"go1.15-doc~1.15.15~1.39.1", rls:"SLES15.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"go1.15-race", rpm:"go1.15-race~1.15.15~1.39.1", rls:"SLES15.0SP1"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
nessus
nessus
openSUSE 15 Security Update : go1.16 (openSUSE-SU-2021:2788-1)
2021-08-21 00:00:00
Amazon Linux AMI : golang (ALAS-2021-1538)
2021-10-04 00:00:00
osv
osv
Panic in ReverseProxy in net/http/httputil
2022-02-17 17:32:24
CVE-2021-36221
2021-08-08 06:15:08
BIT-golang-2021-36221
2024-03-06 11:04:26
veracode
veracode
Denial Of Service
2021-08-06 20:30:04
openvas
openvas
openSUSE: Security Advisory for go1.16 (openSUSE-SU-2021:2788-1)
2021-08-21 00:00:00
Mageia: Security Advisory (MGASA-2021-0416)
2022-01-28 00:00:00
openSUSE: Security Advisory for go1.15 (openSUSE-SU-2021:2787-1)
2021-08-21 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-36221 affecting package golang 1.15.13-1
2021-09-09 15:03:05
redhat
redhat
altlinux
altlinux
Security fix for the ALT Linux 10 package golang version 1.16.7-alt1
2021-08-12 00:00:00
Security fix for the ALT Linux 9 package golang version 1.15.15-alt1
2021-08-11 00:00:00
cvelist
cvelist
CVE-2021-36221
2021-08-08 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: golang-1.15.15-1.fc33
2021-09-15 18:20:16
[SECURITY] Fedora 34 Update: golang-1.16.8-1.fc34
2021-09-22 16:30:52
[SECURITY] Fedora 35 Update: golang-1.16.8-2.fc35
2021-09-24 20:54:01
ibm
ibm
freebsd
freebsd
go -- net/http: panic due to racy read of persistConn after handler panic
2021-06-21 00:00:00
mageia
mageia
Updated golang packages fix security vulnerability
2021-09-04 20:01:38
alpinelinux
alpinelinux
CVE-2021-36221
2021-08-08 06:15:00
suse
suse
Security update for go1.16 (moderate)
2021-08-26 00:00:00
Security update for go1.16 (moderate)
2021-08-20 00:00:00
Security update for go1.15 (moderate)
2021-08-28 00:00:00
prion
prion
Race condition
2021-08-08 06:15:00
ubuntucve
ubuntucve
CVE-2021-36221
2021-08-08 00:00:00
amazon
amazon
Medium: golang
2021-09-30 19:24:00
Important: golang
2022-07-28 21:55:00
cve
cve
CVE-2021-36221
2021-08-08 06:15:00
debiancve
debiancve
CVE-2021-36221
2021-08-08 06:15:00
redhatcve
redhatcve
CVE-2021-36221
2022-04-30 13:09:05
rocky
rocky
go-toolset:rhel8 security, bug fix, and enhancement update
2021-11-09 08:25:49
container-tools:rhel8 security, bug fix, and enhancement update
2022-11-08 06:20:07
almalinux
almalinux
Moderate: go-toolset:rhel8 security, bug fix, and enhancement update
2021-11-09 08:25:49
debian
debian
[SECURITY] [DLA 2891-1] golang-1.8 security update
2022-01-21 22:02:58
[SECURITY] [DLA 2892-1] golang-1.7 security update
2022-01-21 22:03:05
[SECURITY] [DLA 3395-1] golang-1.11 security update
2023-04-19 21:43:12
oraclelinux
oraclelinux
container-tools:ol8 security, bug fix, and enhancement update
2022-11-15 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0294
2021-09-02 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0294
2021-09-02 00:00:00
Critical Photon OS Security Update - PHSA-2021-0130
2021-11-29 00:00:00
ics
ics
Siemens SCALANCE LPE9403 Third-Party Vulnerabilities
2022-06-16 12:00:00
gentoo
gentoo
Go: Multiple Vulnerabilities
2022-08-04 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2022
2022-01-18 00:00:00
6.9 Medium
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.4%
Related for OPENVAS:13614125623114202127871