Lucene search
+L

87 matches found

OSV
OSV
•added 2025/03/13 4:26 p.m.•5 views

GHSA-H2RP-8VPX-Q9R4 cheqd-node Security patch for upstream vulnerabilities in IBC-Go (ISA-2025-001) and Cosmos SDK (ISA-2025-002)

Description There have been two upstream security advisories and associated patches published under ISA-2025-001 and ISA-2025-002. ISA-2025-001 affects the IBC-Go package., where non-deterministic JSON unmarshalling of IBC Acknowledgements can result in a chain halt. ISA-2025-002 affects the Cosm...

7.2AI score
Exploits0References6
Github Security Blog
Github Security Blog
•added 2025/03/13 4:26 p.m.•16 views

cheqd-node Security patch for upstream vulnerabilities in IBC-Go (ISA-2025-001) and Cosmos SDK (ISA-2025-002)

Description There have been two upstream security advisories and associated patches published under ISA-2025-001 and ISA-2025-002. ISA-2025-001 affects the IBC-Go package., where non-deterministic JSON unmarshalling of IBC Acknowledgements can result in a chain halt. ISA-2025-002 affects the Cosm...

7.2AI score
Exploits0References6Affected Software1
OSV
OSV
•added 2025/02/11 2:12 p.m.•16 views

SUSE-SU-2025:0429-1 Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: - Update to version 0.0.20250207T224745 2025-02-07T22:47:45Z. Refs jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-3456 CVE-2025-24786 GHSA-9r4c-jwx3-3j76 GO-2025-3457 CVE-2025-24787...

10CVSS6.2AI score0.0263EPSS
Exploits4References29
Ubuntu
Ubuntu
•added 2024/11/14 5:26 p.m.•27 views

USN-7111-1: Go vulnerabilities

Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. CVE-2022-41723 Marten Seemann discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this...

8.1CVSS7.3AI score0.91969EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/11/14 1:57 p.m.•37 views

USN-7109-1: Go vulnerabilities

Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. CVE-2022-41723 Marten Seemann discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this...

9.8CVSS7.5AI score0.91969EPSS
Exploits1
Tenable Nessus
Tenable Nessus
•added 2024/11/14 12:0 a.m.•21 views

Ubuntu 22.04 LTS : Go vulnerabilities (USN-7111-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7111-1 advisory. Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service...

8.1CVSS7.6AI score0.91969EPSS
Exploits1References15
Ubuntu
Ubuntu
•added 2024/10/23 2:47 a.m.•27 views

USN-7081-1: Go vulnerabilities

It was discovered that the Go net/http module did not properly handle responses to requests with an "Expect: 100-continue" header under certain circumstances. An attacker could possibly use this issue to cause a denial of service. CVE-2024-24791 It was discovered that the Go parser module did not...

7.5CVSS6.9AI score0.01414EPSS
Exploits0
Tenable Nessus
Tenable Nessus
•added 2024/10/10 12:0 a.m.•35 views

Ubuntu 22.04 LTS : Go vulnerabilities (USN-7061-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7061-1 advisory. Hunter Wittenborn discovered that Go incorrectly handled the sanitization of environment variables. An attacker could possibly use this issue to run...

9.8CVSS7.5AI score0.03796EPSS
Exploits0References12
IBM Security Bulletins
IBM Security Bulletins
•added 2024/07/24 11:2 a.m.•35 views

Security Bulletin: Operations Dashboard in IBM Cloud Pak for Integration is vulnerable to Go vulnerabilities CVE-2023-45290, CVE-2024-24783, CVE-2024-24785, CVE-2023-45289, CVE-2024-24784 & CVE-2024-24788

Summary Operations Dashboard in IBM Cloud Pak for Integration is vulnerable to denial of service and remote code execution due to Go vulnerabilities CVE-2023-45290, CVE-2024-24783, CVE-2024-24785, CVE-2023-45289, CVE-2024-24784 & CVE-2024-24788. These have been remediated. Vulnerability Details...

7.5CVSS8.7AI score0.01165EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/07/12 11:28 a.m.•28 views

Security Bulletin: Operations Dashboard in IBM Cloud Pak for Integration is vulnerable to information disclosure and denial of service due to Go vulnerabilities CVE-2023-45287, CVE-2023-39326, and CVE-2024-24786

Summary Operations Dashboard in IBM Cloud Pak for Integration is vulnerable to information disclosure and denial of service due to Go vulnerabilities CVE-2023-45287, CVE-2023-39326, and CVE-2024-24786. These have been remediated. Vulnerability Details CVEID:CVE-2023-45287 DESCRIPTION: Golang Go...

7.5CVSS7.5AI score0.01262EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
•added 2024/07/10 12:0 a.m.•39 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Go vulnerabilities (USN-6886-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6886-1 advisory. It was discovered that the Go net/http module did not properly handle the requests when request's headers exceed MaxHeaderBytes...

9.8CVSS7.6AI score0.91969EPSS
Exploits1References10
OSV
OSV
•added 2024/07/09 12:12 p.m.•17 views

USN-6886-1 golang-1.21, golang-1.22 vulnerabilities

It was discovered that the Go net/http module did not properly handle the requests when request's headers exceed MaxHeaderBytes. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS...

9.8CVSS7AI score0.91969EPSS
Exploits1References10
OSV
OSV
•added 2024/01/11 5:30 a.m.•9 views

USN-6574-1 Go vulnerabilities

Takeshi Kaneko discovered that Go did not properly handle comments and special tags in the script context of html/template module. An attacker could possibly use this issue to inject Javascript code and perform a cross site scripting attack. This issue only affected Go 1.20 in Ubuntu 20.04 LTS,...

8.1CVSS7AI score0.99999EPSS
Exploits20References8
IBM Security Bulletins
IBM Security Bulletins
•added 2023/08/29 11:55 a.m.•41 views

Security Bulletin: Operations Dashboard is vulnerable to remote code execution, privilege escalation, and denial of service due to multiple Go vulnerabilities

Summary Operations Dashboard is vulnerable to remote code execution, privilege escalation, and denial of service due to multiple Go vulnerabilities with details below CVE-2023-29405, CVE-2023-29404, CVE-2023-29402, CVE-2023-29403, CVE-2023-29400, IBM X-Force ID: 250518. The vulnerabilities have...

9.8CVSS10AI score0.01837EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/05/25 4:21 p.m.•40 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Go

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Go, with details below. IBM has addressed the vulnerabilities. Vulnerability Details CVEID:CVE-2023-24536 DESCRIPTION: Golang Go is vulnerable to a denial of service,...

9.8CVSS9.4AI score0.02281EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
•added 2023/04/25 12:0 a.m.•49 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Go vulnerabilities (USN-6038-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6038-1 advisory. It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attack...

9.8CVSS7.5AI score0.05623EPSS
Exploits7References21
Tenable Nessus
Tenable Nessus
•added 2023/03/21 12:0 a.m.•36 views

Amazon Linux 2023 : compat-golang-github-cpuguy83-md2man-2-devel, golang-github-cpuguy83-md2man, golang-github-cpuguy83-md2man-devel (ALAS2023-2023-047)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-047 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

9.3CVSS7.3AI score0.0995EPSS
Exploits7References30
IBM Security Bulletins
IBM Security Bulletins
•added 2022/01/13 3:43 p.m.•34 views

Security Bulletin: Operations Dashboard is vulnerable to Go vulnerabilities CVE-2021-41771 and CVE-2021-41772

Summary Operations Dashboard is vulnerable to Go vulnerabilities CVE-2021-41771 and CVE-2021-41772 with details of each below Vulnerability Details CVEID: CVE-2021-41771 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an out-of-bounds slice situation in the ImportedSymbols...

7.5CVSS1.4AI score0.04372EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/10/14 1:5 p.m.•55 views

Security Bulletin: Operations Dashboard is vulnerable to multiple Go vulnerabilities

Summary Operations Dashboard is vulnerable to multiple Go vulnerabilities with details of each below Vulnerability Details CVEID: CVE-2021-33197 DESCRIPTION: Golang Go could allow a remote attacker to bypass security restrictions, caused by a flaw in the ReverseProxy in net/http/httputil. By...

7.5CVSS8.5AI score0.07293EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/06/24 1:10 p.m.•31 views

Security Bulletin: Operations Dashboard is vulnerable to Go vulnerabilities (CVE-2021-27918 and CVE-2021-27919)

Summary Operations Dashboard is vulnerable to Go vulnerabilities CVE-2021-27918 and CVE-2021-27919 with details of each below. Vulnerability Details CVEID: CVE-2021-27918 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an infinite loop flaw when using xml.NewTokenDecoder wi...

7.5CVSS1.2AI score0.02543EPSS
Exploits0Affected Software1
Rows per page
Query Builder