Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2022-41720

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a...

7.5CVSS7.3AI score0.0119EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/05/31 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2023:2312-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.9AI score0.05623EPSS
Exploits9References34
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2023:0871-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.04561EPSS
Exploits0References9
OSV
OSV
added 2023/03/22 1:33 p.m.4 views

SUSE-SU-2023:0871-1 Security update for container-suseconnect

This update of container-suseconnect fixes the following issue: - container-suseconnect was rebuilt against the current go1.19 release, fixing security issues and other bugs fixed in go1.19.7. - CVE-2022-41723: Fixed quadratic complexity in HPACK decoding bsc1208270. - CVE-2022-41724: Fixed panic...

7.5CVSS6.9AI score0.04561EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2023/03/07 12:0 a.m.43 views

Oracle Linux 8 : ol8addon (ELSA-2023-18908)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-18908 advisory. - Addresses CVE-2021-34558 - Include patch to fix CVE-2019-9741 - Fixes CVE-2019-6486 - Fixes CVE-2018-16873, CVE-2018-16874, CVE-2018-16875 - Fix...

9.8CVSS6.7AI score0.66252EPSS
Exploits3References9
OpenVAS
OpenVAS
added 2022/12/12 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2022:4398-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.05623EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/12/12 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2022:4397-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.05623EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/12/10 12:0 a.m.32 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.18 (SUSE-SU-2022:4398-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4398-1 advisory. Update to version 1.18.9, includes the following security fixes: - CVE-2022-41717: net/http: lim...

7.5CVSS6.8AI score0.05623EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2022/12/10 12:0 a.m.27 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.19 (SUSE-SU-2022:4397-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4397-1 advisory. Update to version 1.19.4, includes the following security fixes: - CVE-2022-41717: net/http: lim...

7.5CVSS6.8AI score0.05623EPSS
Exploits0References8
OSV
OSV
added 2022/12/09 2:59 p.m.7 views

SUSE-SU-2022:4398-1 Security update for go1.18

This update for go1.18 fixes the following issues: Update to version 1.18.9, includes the following security fixes: - CVE-2022-41717: net/http: limit canonical header cache by bytes, not entries bsc1206135 - CVE-2022-41720: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows bsc1206...

7.5CVSS6.6AI score0.05623EPSS
Exploits0References6
Circl
Circl
added 2022/12/07 8:11 p.m.6 views

CVE-2022-41720

creationtimestamp| type| source ---|---|--- 2022-12-07 20:11:44+00:00| seen| https://t.me/cibsecurity/54131...

7.5CVSS7.8AI score0.0119EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/07 4:11 p.m.5 views

CVE-2022-41720 Restricted file access on Windows in os and net/http

On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS"C:/tmp".Open"COM1" opens the...

6.6AI score0.0119EPSS
Exploits0References4
CVE
CVE
added 2022/12/07 4:11 p.m.218 views

CVE-2022-41720

CVE-2022-41720 : On Windows, os.DirFS and http.Dir can access Windows device files (e.g., os.DirFS("C:/tmp").Open("COM1")); read-only, but a crafted path may escape a drive and reach arbitrary paths. The fix changes behavior of os.DirFS("") so that Open("tmp") no longer resolves to the root (prev...

7.5CVSS7.4AI score0.0119EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2022/12/07 4:11 p.m.61 views

CVE-2022-41720

On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS"C:/tmp".Open"COM1" opens the...

7.5CVSS7AI score0.0119EPSS
Exploits0
Cvelist
Cvelist
added 2022/12/07 4:11 p.m.49 views

CVE-2022-41720 Restricted file access on Windows in os and net/http

On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS"C:/tmp".Open"COM1" opens the...

7.7AI score0.0119EPSS
Exploits0References4
OSV
OSV
added 2022/12/07 4:11 p.m.29 views

CVE-2022-41720 Restricted file access on Windows in os and net/http

On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS"C:/tmp".Open"COM1" opens the...

7.5CVSS7.1AI score0.0119EPSS
Exploits0References7
ALT Linux
ALT Linux
added 2022/12/07 12:0 a.m.91 views

Security fix for the ALT Linux 10 package golang version 1.19.4-alt1

Dec. 7, 2022 Alexey Shabalin 1.19.4-alt1 - New version 1.19.4 Fixes: CVE-2022-41717, CVE-2022-41720...

7AI score0.05623EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/12/06 12:0 a.m.41 views

FreeBSD : go -- multiple vulnerabilities (6f5192f5-75a7-11ed-83c0-411d43ce7fe4)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 6f5192f5-75a7-11ed-83c0-411d43ce7fe4 advisory. - The Go project reports: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows Th...

7.5CVSS7.1AI score0.05623EPSS
Exploits0References4
Rows per page
Query Builder