Lucene search
K

67 matches found

Fedora
Fedora
added 2022/07/04 1:35 a.m.19 views

[SECURITY] Fedora 36 Update: golang-google-appengine-1.6.7-5.fc36

This package supports the Go runtime on App Engine standard. It provides APIs for interacting with App Engine services...

9.3CVSS9AI score0.05994EPSS
Exploits4
Snyk
Snyk
added 2022/05/25 6:1 p.m.2 views

Uncontrolled Search Path Element

Overview std/runtime is a Go standard library package std/runtime Affected versions of this package are vulnerable to Uncontrolled Search Path Element. Go Vulnerability Report: via the LoadLibrary process. An attacker can execute arbitrary code by placing a malicious DLL in a location where it wi...

8.5CVSS7.7AI score0.03326EPSS
Exploits1References3
OSV
OSV
added 2021/10/06 5:29 p.m.7 views

SUSE-RU-2021:3315-1 Recommended update for go1.17

This update for go1.17 fixes the following issues: This is the initial go 1.17 shipment. go1.17.1 released 2021-09-09 includes a security fix to the archive/zip package, as well as bug fixes to the compiler, linker, the go command, and to the crypto/rand, embed, go/types, html/template, and...

7.5CVSS8.7AI score0.06934EPSS
Exploits0References4
OSV
OSV
added 2021/05/21 4:25 p.m.12 views

GHSA-GMQ2-39FF-F5QG A failed upgrade may lead to hung goroutines

Impact Processes using tableflip may encounter hung goroutines in the parent process, after a failed upgrade. The Go runtime has annoying behaviour around setting and clearing ONONBLOCK: exec.Cmd.Start ends up calling os.File.Fd for any file in exec.Cmd.ExtraFiles. os.File.Fd disables both the us...

6.9AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2021/05/21 4:25 p.m.51 views

A failed upgrade may lead to hung goroutines

Impact Processes using tableflip may encounter hung goroutines in the parent process, after a failed upgrade. The Go runtime has annoying behaviour around setting and clearing ONONBLOCK: exec.Cmd.Start ends up calling os.File.Fd for any file in exec.Cmd.ExtraFiles. os.File.Fd disables both the us...

6.9AI score
Exploits0References3Affected Software1
OSV
OSV
added 2021/01/29 6:15 a.m.23 views

CVE-2019-25014

A NULL pointer dereference was found in pkg/proxy/envoy/v2/debug.go getResourceVersion in Istio pilot before 1.5.0-alpha.0. If a particular HTTP GET request is made to the pilot API endpoint, it is possible to cause the Go runtime to panic resulting in a denial of service to the istio-pilot...

6.5CVSS6.7AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/26 7:6 p.m.31 views

Security Bulletin: IBM Event Streams is affected by a vulnerability in the Go runtime (CVE-2020-16845)

Summary IBM Event Streams is affected by a vulnerability in the Go runtime Vulnerability Details CVEID: CVE-2020-16845 DESCRIPTION: Go Language is vulnerable to a denial of service, caused by an infinite read loop in ReadUvarint and ReadVarint in encoding/binary. By sending a specially-crafted...

7.5CVSS0.8AI score0.0473EPSS
Exploits0Affected Software1
Rows per page
Query Builder