18 matches found
TencentOS Server 3: go-toolset:rhel8 (TSSA-2026:0326)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0326 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-099 (ALASNITRO-ENCLAVES-2026-099)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-099 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow o...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.2.5
Red Hat OpenShift Service Mesh 3.2.5 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.2....
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.8
Red Hat OpenShift Service Mesh 3.1.8 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.1....
GHSA-2CCX-CJJH-R2J8 MediaMTX affected by CVE-2026-27143 due to vulnerable dependency
Summary Release 1.17.1 seems affected by CVE-2026-27143. golang 1.25.9 Seems to solve the issue. Is there any new release planned? Details See https://nvd.nist.gov/vuln/detail/CVE-2026-27143...
RHEL 8 : go-toolset:rhel8 (RHSA-2026:10704)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:10704 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang:...
Photon OS 5.0: Go PHSA-2026-5.0-0830
An update of the go package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0830. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid310246...
SUSE SLES15 Security Update : go1.25-openssl (SUSE-SU-2026:1581-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1581-1 advisory. - Update to go1.25.9 bsc1244485. - CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG bsc1261653. - CVE-2026-27143:...
Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to go1.25.9 bsc1244485. CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG bsc1261653. CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination bsc1261654. CVE-2026-27144: cmd/compile:...
openSUSE 16 Security Update : go1.25 (openSUSE-SU-2026:20570-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20570-1 advisory. - Update to version go1.25.9 bsc1244485. - CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG bsc1261653. - CVE-2026-27143:...
Security update for go1.26 (important)
openSUSE security update: security update for go1.26 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20571-1 Rating: important References: bsc1255111 bsc1261653 bsc1261654 bsc1261655 bsc1261656 bsc1261657 bsc1261658 bsc1261659 bsc1261660 bsc1261661...
SUSE: Security Advisory (SUSE-SU-2026:1321-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for go1.26
This update for go1.26 fixes the following issues: Update to go1.26.2 bsc1255111. CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG bsc1261653. CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination bsc1261654. CVE-2026-27144: cmd/compile: no-op...
CVE-2026-27143
creationtimestamp| type| source ---|---|--- 2026-04-13 21:22:02+00:00| seen| Telegram/LHQfgYAbtuG7CogYZyWoKm7-py5GuHojGsIqn2GfOFcZFnQ 2026-05-07 18:20:11+00:00| seen| https://bsky.app/profile/gcpweekly.bsky.social/post/3mlbteahwco2i 2026-05-07 18:20:15+00:00| seen|...
UBUNTU-CVE-2026-27143
Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption...
CVE-2026-27143
CVE-2026-27143 is a memory-corruption issue in the Go toolchain (cmd/compile) triggered by bound-check elimination, potentially allowing invalid runtime indexing. Public references in openSUSE advisories confirm the vulnerability affects Go releases and list fixes: updating to Go 1.25.9 ( Leap 16...
CVE-2026-27143
Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption...
Linux Distros Unpatched Vulnerability : CVE-2026-27143
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to...