Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2018-16875

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow...

7.8CVSS6.7AI score0.06325EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/04/29 12:0 a.m.4 views

The vulnerability of the Go programming language’s crypto/x509 package, which allows a hacker to trigger a service failure

The vulnerability of the Go programming language’s crypto/x509 package is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

7.8CVSS6.7AI score0.06325EPSS
Exploits0References10Affected Software2
Gentoo Linux
Gentoo Linux
added 2018/12/21 12:0 a.m.95 views

Go: Multiple vulnerabilities

Background Go is an open source programming language that makes it easy to build simple, reliable, and efficient software. Description Multiple vulnerabilities have been discovered in Go. Please review the CVE identifiers referenced below for details. Impact A remote attacker could cause arbitrar...

8.1CVSS8.4AI score0.66252EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/12/20 12:0 a.m.37 views

openSUSE: Security Advisory for go1.11 (openSUSE-SU-2018:4181-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS8AI score0.66252EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/12/19 12:9 p.m.112 views

Security update for go1.11 (important)

This new package for go1.11 fixes the following issues: Security issues fixed: - CVE-2018-16873: Fixed a remote code execution in go get, when executed with the -u flag bsc1118897 - CVE-2018-16874: Fixed an arbitrary filesystem write in go get, which could lead to code execution bsc1118898 -...

1.4AI score0.66252EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2018/12/17 12:0 a.m.48 views

Amazon Linux AMI : golang (ALAS-2018-1130)

In Go before 1.10.6 and 1.11.x before 1.11.3, the 'go get' command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not ...

8.1CVSS8AI score0.66252EPSS
Exploits0References4
Rows per page
Query Builder