Lucene search
K

18 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2018-0089)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.08944EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:33 p.m.27 views

Security Bulletin: A security vulnerability has been identified in Go shipped with IBM Cloud Schematics (CVE-2017-15041, CVE-2017-15042)

Summary A security vulnerability has been identified in Go shipped with IBM Cloud Schematics CVE-2017-15041, CVE-2017-15042 Vulnerability Details Title Security Bulletin: A security vulnerability has been identified in Go shipped with IBM Cloud Schematics CVE-2017-15041, CVE-2017-15042 Summary Go...

9.8CVSS0.2AI score0.08944EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/05/11 12:0 a.m.47 views

Amazon Linux 2 : golang (ALAS-2018-1011)

Arbitrary code execution during go get or go get -d Go before 1.8.4 and 1.9.x before 1.9.1 allows 'go get' remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git...

9.8CVSS7.5AI score0.08944EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2018/05/01 12:0 a.m.44 views

Scientific Linux Security Update : golang on SL7.x (noarch) (20180410)

The following packages have been upgraded to a later upstream version: golang 1.9.4. Security Fixes : - golang: arbitrary code execution during 'go get' or 'go get -d' CVE-2017-15041 - golang: smtp.PlainAuth susceptible to man-in-the-middle password harvesting CVE-2017-15042 - golang: arbitrary...

9.8CVSS7.5AI score0.08944EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2018/04/27 12:0 a.m.63 views

CentOS 7 : golang (CESA-2018:0878)

An update for golang is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS7.6AI score0.08944EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2018/04/10 9:33 a.m.61 views

Moderate: Red Hat Security Advisory: golang security, bug fix, and enhancement update

An update for golang is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS7.2AI score0.08944EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.37 views

Fedora 27 : golang (2017-f4fc897e8f)

Security fix for CVE-2017-15041 and CVE-2017-15042 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

9.8CVSS6.8AI score0.08944EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/12/19 12:0 a.m.68 views

RHEL 7 : go-toolset-7 and go-toolset-7-golang (RHSA-2017:3463)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3463 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: An arbitrary comma...

9.8CVSS7.4AI score0.08944EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2017/12/14 11:34 a.m.40 views

Moderate: Red Hat Security Advisory: go-toolset-7 and go-toolset-7-golang security and bug fix update

An update for go-toolset-7 and go-toolset-7-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS7AI score0.08944EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/11/06 12:0 a.m.40 views

Amazon Linux AMI : golang (ALAS-2017-918)

Arbitrary code execution during go get or go get -d : Go before 1.8.4 and 1.9.x before 1.9.1 allows 'go get' remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git...

9.8CVSS7.5AI score0.08944EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2017/10/21 12:0 a.m.55 views

Fedora Update for golang FEDORA-2017-6f1b90dbb7

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.08944EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/10/20 12:0 a.m.40 views

Fedora 25 : golang (2017-8f7bca960b)

Security fix for CVE-2017-15041 and CVE-2017-15042 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

9.8CVSS6.8AI score0.08944EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/10/18 12:0 a.m.41 views

Fedora 26 : golang (2017-6f1b90dbb7)

Security fix for CVE-2017-15041 and CVE-2017-15042 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

9.8CVSS6.8AI score0.08944EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2017/10/06 12:19 a.m.26 views

CVE-2017-15042

It was found that smtp.PlainAuth authentication scheme in Go did not verify the TLS requirement properly. A remote man-in-the-middle attacker could potentially use this flaw to sniff SMTP credentials sent by a Go application...

5.9CVSS2.8AI score0.01105EPSS
Exploits0References1
NVD
NVD
added 2017/10/05 9:29 p.m.27 views

CVE-2017-15042

An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was...

5.9CVSS6.4AI score0.01105EPSS
Exploits0References8
OSV
OSV
added 2017/10/05 9:29 p.m.2 views

UBUNTU-CVE-2017-15042

An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was...

5.9CVSS6.5AI score0.01105EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2017/10/05 9:29 p.m.27 views

CVE-2017-15042

An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was...

5.9CVSS6.6AI score0.01105EPSS
Exploits0References5
CVE
CVE
added 2017/10/05 9:0 p.m.104 views

CVE-2017-15042

CVE-2017-15042 affects Go up to 1.8.4 and 1.9.x up to 1.9.1, where smtp.PlainAuth could leak credentials to a MITM SMTP server that advertises PLAIN without STARTTLS. The issue arises from server decisions on PLAIN acceptance, allowing username/password to be sent in cleartext on non-TLS connecti...

5.9CVSS7AI score0.01105EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder