42 matches found
RHCOS 4 : OpenShift Container Platform 4.10.25 (RHSA-2022:5729)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5729 advisory. - golang: cmd/go: misinterpretation of branch names can lead to incorrect access control CVE-2022-23773 - golang: crypto/elliptic:...
Azure Linux 3.0 Security Update: golang / python-tensorboard (CVE-2022-23773)
The version of golang / python-tensorboard installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-23773 advisory. - cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that...
CBL Mariner 2.0 Security Update: golang (CVE-2022-23773)
The version of golang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-23773 advisory. - cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be...
BELL-CVE-2022-23773 CVE-2022-23773 does not affect BellSoft software
Bulletin has no description...
Moderate: Red Hat Security Advisory: Service Telemetry Framework 1.5 security update
An update is now available for Service Telemetry Framework 1.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Medium: golang
Issue Overview: Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. CVE-2022-23772 cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This...
Amazon Linux AMI : golang, golang-bin, golang-misc (ALAS-2023-1685)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1685 advisory. Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. CVE-2022-23772 cmd/go in Go before 1.16.14 and 1.17.x befo...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to incorrect access control in Golang Go (CVE-2022-23773)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to incorrect access control caused by a fault in cmd/go in Golang Go CVE-2022-23773. Cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. Thi...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Go
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Go. Vulnerability Details CVEID:CVE-2022-24921 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validation. By using a specially-crafted deeply nested expression, a remote...
Important: Red Hat Security Advisory: OpenShift Virtualization 4.11.0 Images security and bug fix update
Red Hat OpenShift Virtualization release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...
RHEL 7 / 8 : OpenShift Container Platform 4.10.25 (RHSA-2022:5729)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5729 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.11.0 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.10.28 packages and security update
Red Hat OpenShift Container Platform release 4.10.28 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.10.26 security update
Red Hat OpenShift Container Platform release 4.10.26 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...
Amazon Linux 2 : golang, --advisory ALAS2-2022-1830 (ALAS-2022-1830)
The version of golang installed on the remote host is prior to 1.18.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1830 advisory. A null pointer dereference vulnerability was found in golang. When using the library's ssh server without specifying an...
Security Bulletin: IBM DataPower Operator affected by flaw in Go (CVE-2022-23773)
Summary This is a build-time issue that does not affect product code, but may be flagged in customer scans. IBM has addressed the CVE. Vulnerability Details CVEID: CVE-2022-23773 DESCRIPTION: An unspecified error with not treating branches with semantic-version names as releases in cmd/go in Gola...
Security Bulletin: Potential module resolution error in DataPower Operator
Summary IBM has addressed a potential build-time issue. This did not affect product code, but may have been detected in customer scans. Vulnerability Details CVEID: CVE-2022-23773 DESCRIPTION: An unspecified error with not treating branches with semantic-version names as releases in cmd/go in...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-1890)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-1841)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Critical: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.3 security update
Red Hat OpenShift Service Mesh 2.1.3 has been released. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...