EUVD-2022-32779

Malicious code in bioql PyPI...

Amazon Linux 2 : golang-github-godbus-dbus (ALAS-2022-1858)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1858 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

Oracle Linux 8 : go-toolset:ol8addon (ELSA-2022-17956)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-17956 advisory. go-toolset 1.18.3-1 - Update to golang 1.18.3 golang 1.18.3-1.0.1 - Rebase to 1.18.3 by adding upstream patches to the 1.18.0 openssl-fips - Modify...

EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-1996)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. CVE-2022-24675 - The gener...

Oracle Linux 8 : go-toolset:ol8addon (ELSA-2022-14844)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-14844 advisory. go-toolset 1.17.10-1 - Set version to correspond to the matching build golang version - delve can be now added to aarch64 as well, remove ifarch. gola...

The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.

...