Security Bulletin: Vulnerability in Go programming language affects IBM Spectrum Protect Server (CVE-2019-16276)

Summary The Go programming language could allow a remote attacker to bypass security restrictions which affects the IBM Spectrum Protect Server. Vulnerability Details CVEID: CVE-2019-16276 DESCRIPTION: Golang could allow a remote attacker to bypass security restrictions, caused by improper...

The Safety Boat: Kubernetes and Rust

Our team, DeisLabs, recently released a new piece of software called Krustlet, which is a tool for running WebAssembly modules on the popular, open-source container management tool called Kubernetes. Kubernetes is used quite extensively to run cloud software across many vendors and companies and ...

The Safety Boat: Kubernetes and Rust

Our team, DeisLabs, recently released a new piece of software called Krustlet, which is a tool for running WebAssembly modules on the popular, open-source container management tool called Kubernetes. Kubernetes is used quite extensively to run cloud software across many vendors and companies and ...

The vulnerability of the Go programming language’s crypto/x509 package, which allows a hacker to trigger a service failure

The vulnerability of the Go programming language’s crypto/x509 package is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

Domained - Multi Tool Subdomain Enumeration

A domain name enumeration tool The tools contained in domained requires Kali Linux preferred or Debian 7+ and Recon-ng domained uses several subdomain enumeration tools and wordlists to create a unique list of subdomains that are passed to EyeWitness for reporting with categorized screenshots,...

[SECURITY] Fedora 31 Update: golang-1.13.9-1.fc31

The Go Programming Language...

CVE-2016-5386

An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable "HTTPPROXY" using the incoming "Proxy" HTTP-request header. The environment variable "HTTPPROXY" is used by numerous web clients, including Go's net/http package,...

UBUNTU-CVE-2015-5741

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields...

Moderate: Red Hat Enhancement Advisory: new packages: go-toolset-1.12

New go-toolset-1.12 packages are now available as a part of Red Hat Developer Tools for Red Hat Enterprise Linux. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. This enhancement update adds the go-toolset-1.12 packages to Red Hat Develope...

[SECURITY] Fedora 30 Update: golang-1.12.13-1.fc30

The Go Programming Language...

Fedora Update for golang FEDORA-2019-34e097c66c

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: golang-1.12.10-1.fc30

The Go Programming Language...

[SECURITY] Fedora 31 Update: golang-1.13.1-1.fc31

The Go Programming Language...

Important: Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: go-toolset-1.11 and go-toolset-1.11-golang security update

An update for go-toolset-1.11 and go-toolset-1.11-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

[SECURITY] Fedora 30 Update: golang-1.12.9-1.fc30

The Go Programming Language...

CB TAU Threat Intelligence Notification: JCry Ransomware Pretends to be Adobe Flash Player Update Installer

JCry is a new family of ransomware that has the unique characteristic of being written in the Go programming language and being delivered as multiple executables, each with their own purpose. It was pretending to be an Adobe flash player update installer on a compromised website to lure users to...

Fedora Update for golang FEDORA-2019-d05bc7e3df

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Go DLL Injection Vulnerability

Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google. An injection vulnerability exists in Google Go 1.12 and earlier versions for Windows platforms, which stems from the program incorrectly using the LoadLibrary function. An attacke...

Security Advisory 0039

Security Advisory 0039 PDF Date: January 16th, 2019 Version: 1.0 Revision | Date | Changes ---|---|--- 1.0 | January 16th, 2019 | Initial Release The CVE-IDs tracking this issue are CVE-2018-16873, CVE-2018-16874 and CVE-2018-16875 Description This advisory is to document the impact of...