Lucene search
+L

18 matches found

osv
osv
added 4 days ago4 views

ALSA-2026:38995 Important: go-toolset:rhel8 security, bug fix, and enhancement update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 crypto/x509: golang: golang crypto/x509: Deni...

9.6CVSS6.5AI score0.00939EPSS
Exploits0References8
opensuse
opensuse
added 2026/07/08 12:0 a.m.3 views

Security update for hauler (important)

openSUSE security update: security update for hauler ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21262-1 Rating: important References: bsc1267150 bsc1269433 Cross-References: CVE-2026-25680 CVE-2026-25681 CVE-2026-27136 CVE-2026-42502...

8.7CVSS6.5AI score0.00478EPSS
Exploits0References2
redhat
redhat
added 2026/06/25 4:14 p.m.10 views

Moderate: Red Hat Security Advisory: golang security, bug fix, and enhancement update

An update for golang is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

5.3CVSS5.9AI score0.0037EPSS
Exploits0References3
oraclelinux
oraclelinux
added 2026/06/23 12:0 a.m.6 views

podman security update

5.8.2-3.0.1 - Rework CNI/Netavark detection logic JIRA: EVG-3769 - Rebuild on new golang to support experimental GODEBUG fipsnoenforceems - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 6:5.8.2-3 - Rebuild for CVE-2026-32283 - Resolves: RHEL-167685 6:5.8.2-2 - Rebui...

7.5CVSS7.2AI score0.00728EPSS
Exploits0
nessus
nessus
added 2026/05/16 12:0 a.m.25 views

SUSE SLED15 / SLES15 Security Update : go1.26 (SUSE-SU-2026:1861-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1861-1 advisory. This update for go1.26 fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling...

7.5CVSS6AI score0.00813EPSS
Exploits0References36
snyk
snyk
added 2026/03/18 8:10 p.m.4 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the processing of HTTP/2 :path pseudo-headers in handleStream. An attacker can gain unauthorized access to restricted resources by sending requests with malformed :path headers that omit the leading slash. Thi...

9.3CVSS5.8AI score0.01557EPSS
Exploits1References2
nessus
nessus
added 2026/03/07 12:0 a.m.3 views

SUSE SLES16 Security Update : go1.25-openssl (SUSE-SU-2026:20623-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20623-1 advisory. - Update to version 1.25.7 jscSLE-18320 - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect...

10CVSS7.7AI score0.01945EPSS
Exploits4References60
osv
osv
added 2026/03/02 12:44 p.m.13 views

CLSA-2026-1772455449 buildah: Fix of 3 CVEs

rebuild with newer golang version 1.22.9-1.el92.tuxcare.els6 to fix the following CVE's - CVE-2025-68121: fix TLS session resumption bypass by preventing shared auto-rotated ticket keys in Config and validating full certificate chain expiry - CVE-2025-61726: limit parsed URL query parameters to...

10CVSS7.1AI score0.01945EPSS
Exploits3References1
nessus
nessus
added 2026/02/12 12:0 a.m.4 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.24 (SUSE-SU-2026:0426-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0426-1 advisory. Update to version 1.24.13. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between ...

10CVSS7.6AI score0.00765EPSS
Exploits1References11
osv
osv
added 2025/12/17 3:26 p.m.13 views

CLSA-2025-1765985189 delve: Fix of CVE-2025-58183

rebuild with newer golang to fix CVE-2025-58183 fix unbounded memory consumption when reading GNU pax 1.0 sparse files...

4.3CVSS5.8AI score0.00419EPSS
Exploits0References1
oraclelinux
oraclelinux
added 2025/11/25 12:0 a.m.9 views

delve and golang security update

delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 - Resolves: RHEL-111801 golang 1.25.3-1 - Update to Go 1.25.3 - Resolves: RHEL-121220 1.25.1-1 - Update to Go 1.25.1 - Resolves: RHEL-116850 1.25.0-2 - Revert DWARF5 defaults - Add elf...

4.3CVSS7.2AI score0.00419EPSS
Exploits0
snyk
snyk
added 2025/10/10 4:42 p.m.2 views

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion in the handshake phase. An attacker can cause the client to crash by sending a premature HANDSHAKEDONE frame. Remediation Upgrade github.com/quic-go/quic-go to version 0.49.1, 0.54.1 or higher. References - GitHub PR...

8.7CVSS6.5AI score0.00438EPSS
Exploits0References2
nessus
nessus
added 2025/09/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-47909

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Hosts listed in TrustedOrigins implicitly allow requests from the corresponding HTTP origins, allowing network MitMs to perform CSRF attacks. After the...

7.3CVSS6.4AI score0.00347EPSS
Exploits0References3
opensuse
opensuse
added 2025/08/26 12:0 a.m.11 views

Security update for v2ray-core (important)

openSUSE Security Update: Security update for v2ray-core Announcement ID: openSUSE-SU-2025:0322-1 Rating: important References: 1222488 1235164 1243946 Cross-References: CVE-2024-22189 CVE-2025-297850 CVSS scores: CVE-2024-22189 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected...

7.5CVSS7AI score0.011EPSS
Exploits0References3
osv
osv
added 2025/08/12 1:49 p.m.3 views

SUSE-SU-2025:02769-1 Security update for amber-cli

This update for amber-cli fixes the following issues: - Update to version 1.13.1+git20250329.c2e3bb8: CVE-2025-30204: Fixed jwt-go excessive memory allocation during header parsing bsc1240511 jwt version upgrade 174 Update policy size limit to 20k 173 Update tenant user model with latest changes...

7.5CVSS6.7AI score0.00693EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2022/07/12 12:0 a.m.6 views

PT-2022-20221 · Go +9 · Go +9

Name of the Vulnerable Software and Affected Versions: Go versions prior to 1.17.12 Go versions prior to 1.18.4 Description: The issue is related to uncontrolled recursion in Glob in path/filepath, which allows an attacker to cause a panic due to stack exhaustion via a path containing a large...

9.8CVSS7AI score0.10299EPSS
Exploits16References402
snyk
snyk
added 2022/05/24 4:44 p.m.2 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...

9.2CVSS7.1AI score0.01492EPSS
Exploits0References2
snyk
snyk
added 2022/05/20 9:17 p.m.3 views

Uncontrolled Recursion

Overview std/encoding/pem is a Go standard library package std/encoding/pem Affected versions of this package are vulnerable to Uncontrolled Recursion. Go Vulnerability Report: Stack overflow via a large amount of PEM data via the Decode function. An attacker can cause a stack overflow and...

8.7CVSS8.8AI score0.0995EPSS
Exploits1References3
Rows per page
Query Builder