Lucene search
K

81 matches found

Tenable Nessus
Tenable Nessus
added 2021/01/04 12:0 a.m.42 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2021-1006)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization...

9.8CVSS6.8AI score0.02369EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/01/04 12:0 a.m.37 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2021-1025)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization...

9.8CVSS6.8AI score0.02369EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/12/18 12:0 a.m.35 views

Amazon Linux AMI : golang (ALAS-2020-1471) (deprecated)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1471 advisory. - Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. CVE-2020-28362 - Go before 1.14.12 and...

8.3AI score0.03813EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2020/12/16 12:0 a.m.26 views

Fedora: Security Advisory for golang (FEDORA-2020-e971480183)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.8AI score0.03813EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/12/15 5:12 p.m.114 views

Moderate: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7AI score0.03813EPSS
Exploits2References6
AlmaLinux
AlmaLinux
added 2020/12/15 4:2 p.m.39 views

Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS CVE-2020-24553 golang: math/big: panic during recursive division of very large numbers...

5.1CVSS3.1AI score0.03813EPSS
Exploits2References4
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/11 5:6 p.m.40 views

Security Bulletin: App Connect Enterprise Certified Container Operator and Integration Servers are vulnerable to code injection and Denial of Service attacks

Summary App Connect Enterprise Certified Container Operator and Integration Servers are vulnerable to code injection and Denial of Service attacks due to CVE-2020-28362, CVE-2020-28366 and CVE-2020-28367 Vulnerability Details CVEID: CVE-2020-28366 DESCRIPTION: Golang Go could allow a remote...

7.5CVSS1.3AI score0.03813EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/12/10 12:0 a.m.38 views

Photon OS 3.0: Go PHSA-2020-3.0-0173

An update of the go package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0173. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid144064; scriptversion"1.6"...

7.5CVSS7.9AI score0.02369EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/12/03 11:20 a.m.75 views

Moderate: Red Hat Security Advisory: go-toolset-1.14-golang security update

An update for go-toolset-1.14-golang is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7AI score0.03813EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/11/30 12:0 a.m.33 views

openSUSE Security Update : go1.14 (openSUSE-2020-2047)

This update for go1.14 fixes the following issues : - go1.14.12 released 2020-11-12 includes security fixes to the cmd/go and math/big packages. - go42553 math/big: panic during recursive division of very large numbers bsc1178750 CVE-2020-28362 - go42560 cmd/go: arbitrary code can be injected int...

7.5CVSS7.4AI score0.03813EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/11/30 12:0 a.m.36 views

openSUSE Security Update : go1.14 (openSUSE-2020-2067)

This update for go1.14 fixes the following issues : - go1.14.12 released 2020-11-12 includes security fixes to the cmd/go and math/big packages. - go42553 math/big: panic during recursive division of very large numbers bsc1178750 CVE-2020-28362 - go42560 cmd/go: arbitrary code can be injected int...

7.5CVSS7.4AI score0.03813EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/11/23 12:0 a.m.41 views

Fedora 33 : golang (2020-864922e78a)

Rebase to go1.15.5 - Security fix for CVE-2020-28362, CVE-2020-28367 and CVE-2020-28366 ---- - Rebase to go1.15.4 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...

7.5CVSS6.3AI score0.03813EPSS
Exploits0References4
Circl
Circl
added 2020/11/18 8:40 p.m.3 views

CVE-2020-28366

creationtimestamp| type| source ---|---|--- 2020-11-18 20:40:33+00:00| seen| https://t.me/cibsecurity/16523...

7.5CVSS7.6AI score0.02244EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2020/11/18 12:0 a.m.35 views

CVE-2020-28366

Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file...

7.5CVSS8.2AI score0.02244EPSS
Exploits0
CVE
CVE
added 2020/11/18 12:0 a.m.269 views

CVE-2020-28366

CVE-2020-28366 affects the Go toolchain: code injection/arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file, impacting go commands using cgo before Go 1.14.12 and Go 1.15.5. The described impact is at build time, not runtime, with a high-severity pr...

7.5CVSS8.1AI score0.02244EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2020/11/18 12:0 a.m.27 views

CVE-2020-28366 Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo

Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file...

8.1AI score0.02244EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2020/11/18 12:0 a.m.47 views

CVE-2020-28366

Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file...

7.5CVSS8.3AI score0.02244EPSS
Exploits0
ArchLinux
ArchLinux
added 2020/11/17 12:0 a.m.81 views

[ASA-202011-16] go: multiple issues

Arch Linux Security Advisory ASA-202011-16 ========================================== Severity: High Date : 2020-11-17 CVE-ID : CVE-2020-28362 CVE-2020-28366 CVE-2020-28367 Package : go Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1278 Summary ======= The package ...

7.5CVSS7.9AI score0.03813EPSS
Exploits0References10
ALT Linux
ALT Linux
added 2020/11/14 12:0 a.m.34 views

Security fix for the ALT Linux 10 package golang version 1.15.5-alt1

Nov. 14, 2020 Alexey Shabalin 1.15.5-alt1 - New version 1.15.5. - Fixes: + CVE-2020-28362 + CVE-2020-28366 + CVE-2020-28367...

5.1CVSS6.9AI score0.03813EPSS
Exploits0
ALT Linux
ALT Linux
added 2020/11/14 12:0 a.m.32 views

Security fix for the ALT Linux 9 package golang version 1.15.5-alt1

Nov. 14, 2020 Alexey Shabalin 1.15.5-alt1 - New version 1.15.5. - Fixes: + CVE-2020-28362 + CVE-2020-28366 + CVE-2020-28367...

5.1CVSS6.8AI score0.03813EPSS
Exploits0
Rows per page
Query Builder