Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2020/12/15 5:50 p.m.32 views

Security Bulletin: A security vulnerability in Golang Go affects IBM Cloud Pak for Multicloud Management Managed Service.

Summary A security vulnerability in Golang Go affects IBM Cloud Pak for Multicloud Management Managed Service. Vulnerability Details CVEID: CVE-2020-24553 DESCRIPTION: Golang Go is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the CGI/FCGI handlers. A...

6.1CVSS0.9AI score0.03646EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/09 4:42 a.m.33 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Go

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Go. Vulnerability Details CVEID: CVE-2020-24553 DESCRIPTION: Golang Go is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the CGI/FCGI handlers. A remote attacker...

6.1CVSS0.7AI score0.03646EPSS
Exploits2Affected Software1
OSV
OSV
added 2020/09/02 5:15 p.m.27 views

CVE-2020-24553

Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header...

6.1CVSS5.9AI score
Exploits0References10
Prion
Prion
added 2020/09/02 5:15 p.m.22 views

Type confusion

Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header...

4.3CVSS6AI score0.03646EPSS
Exploits2References10Affected Software4
AlpineLinux
AlpineLinux
added 2020/09/02 4:25 p.m.626 views

CVE-2020-24553

Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header...

6.1CVSS6.5AI score0.03646EPSS
Exploits2
Rows per page
Query Builder