370 matches found
[SECURITY] Fedora 35 Update: golang-github-eknkc-amber-0-0.17.20190601gitcdade1c.fc35
Amber is an elegant templating engine for Go Programming Language It is inspi red from HAML and Jade...
[SECURITY] Fedora 36 Update: golang-1.18.4-1.fc36
The Go Programming Language...
Hyperledger: Remote denial of service in HyperLedger Fabric
How to reproduce 1.Bring up the test network.https://hyperledger-fabric.readthedocs.io/en/latest/testnetwork.htmlbring-up-the-test-network 2.Run the PoC. bash go run poc.go -server=192.168.0.208:7051 go package main import "context" "crypto/tls" "flag" "fmt"...
[SECURITY] Fedora 35 Update: golang-1.16.15-3.fc35
The Go Programming Language...
Fedora: Security Advisory for golang (FEDORA-2022-ffe7dba2cb)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for golang-github-christrenkamp-goxpath (FEDORA-2022-fae3ecee19)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for golang-github-mock (FEDORA-2022-fae3ecee19)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 36 Update: golang-github-mock-1.6.0-3.fc36
GoMock is a mocking framework for the Go programming language. It integrates well with Go's built-in testing package, but can be used in other contexts to o...
[SECURITY] Fedora 36 Update: golang-github-leveldb-0-0.9.20190701git259d925.fc36
The LevelDB key-value database in the Go programming language...
[SECURITY] Fedora 36 Update: golang-github-gobwas-ws-1.1.0-3.fc36
Tiny WebSocket library for Go...
[SECURITY] Fedora 35 Update: golang-1.16.15-2.fc35
The Go Programming Language...
Moderate: Red Hat Security Advisory: go-toolset-1.17 and go-toolset-1.17-golang security and bug fix update
An update for go-toolset-1.17 and go-toolset-1.17-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
CVE-2022-29526
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...
golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString
A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system...
Vulnerabilities fixed in Red Hat OpenShift Container Platform
Vulnerabilities have been fixed in Red Hat OpenShift Serverless Operator and Operator. The vulnerabilities allow a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure The vulnerabilities are locate...
Hakoriginfinder - Tool For Discovering The Origin Host Behind A Reverse Proxy. Useful For Bypassing Cloud WAFs!
Tool for discovering the origin host behind a reverse proxy. Useful for bypassing WAFs and other reverse proxies. How does it work? This tool will first make a HTTP request to the hostname that you provide and store the response, then it will make a request to every IP address that you provide vi...
Uncaught Exception
Overview std/crypto/x509 is a Go standard library package std/crypto/x509 Affected versions of this package are vulnerable to Uncaught Exception. Go Vulnerability Report: Verifying certificate chains containing certificates which are not compliant with RFC 5280 causes Certificate.Verify to panic ...
The vulnerabilities of the Go programming languageās `net.ParseIP` and `net.ParseCIDR` components allow attackers to compromise data integrity.
The vulnerability of the net.ParseIP and net.ParseCIDR components in the Go programming language is related to incorrect handling of zeros at the beginning of an IP address octal number. Exploiting this vulnerability allows a remote attacker to compromise data integrity...
[SECURITY] Fedora 36 Update: golang-1.18~rc1-2.fc36
The Go Programming Language...
golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet
A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...