Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 7 : golang-1.9.4-1.el7 (AXSA:2018-2885:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2885:01 advisory. golang: arbitrary code execution during go get or go get -d CVE-2017-15041 golang: smtp.PlainAuth susceptible to man-in-the-middle password harvesti...

9.8CVSS8.2AI score0.08944EPSS
Exploits4References4
BDU FSTEC
BDU FSTEC
added 2021/03/03 12:0 a.m.3 views

The vulnerability of the “go get” command implementation in the Go programming language allows a perpetrator to execute arbitrary code.

The vulnerability of the “go get” command in the Go programming language is related to incorrect code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.6CVSS7.7AI score0.06497EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/04/29 12:0 a.m.5 views

The vulnerability of the “go get” command implementation in the Go programming language allows a perpetrator to execute arbitrary code.

The vulnerability of the “go get” command in the Go programming language is related to insufficient validation of input data insufficient checking of the import path when using the “-u” flag. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially create...

9.3CVSS7.4AI score0.66252EPSS
Exploits0References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/03/06 12:0 a.m.6 views

The vulnerability of the “go get” implementation in the Go programming package allows a perpetrator to execute the “go get” command remotely.

The vulnerability of the “go get” command in the Golang programming language is related to the absence of blocking of arguments -fplugin= and -plugin= during the compilation of source code using GCC or Clang plugin functions. Exploiting this vulnerability allows a remote attacker to execute the “...

9.8CVSS7AI score0.07768EPSS
Exploits4References6Affected Software4
Debian
Debian
added 2019/02/01 2:39 p.m.200 views

[SECURITY] [DSA 4380-1] golang-1.8 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4380-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 01, 2019 https://www.debian.org/security/faq -...

9.3CVSS8.5AI score0.63229EPSS
Exploits5
Mageia
Mageia
added 2018/05/16 8:24 a.m.35 views

Updated golang packages fix security vulnerability

A flaw was found in Go Lang. The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path get/vcs.go only checks for "://" anywhere in the string, which allows remote attackers to execute arbitrary OS commands via a crafted web site...

9.3CVSS7AI score0.63229EPSS
Exploits1References2
Rows per page
Query Builder