17 matches found
EUVD-2022-44892
Malicious code in bioql PyPI...
CVE-2022-41716
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...
Linux Distros Unpatched Vulnerability : CVE-2022-41716
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-1505)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-1385)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : golist (ALAS-2023-1913)
The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1913 advisory. Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to...
EulerOS 2.0 SP9 : golang (EulerOS-SA-2023-1124)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amoun...
SUSE SLED15 / SLES15 Security Update : go1.19 (SUSE-SU-2022:4054-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4054-1 advisory. - Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In...
AZL-79026 CVE-2022-41716 affecting package golang 1.25.7-1
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...
DEBIAN-CVE-2022-41716
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...
CVE-2022-41716
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...
CVE-2022-41716
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...
Code injection
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...
UBUNTU-CVE-2022-41716
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...
CVE-2022-41716
CVE-2022-41716 affects Go on Windows, where unsanitized NUL values in environment variables can be used to set one env var while assigning another in processes started via syscall.StartProcess or os/exec.Cmd. The root cause is improper handling of environment variable values containing NULs, enab...
CVE-2022-41716
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...
CVE-2022-41716
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...