16 matches found
ROS-20241203-15
Go programming language vulnerability is related to errors in handling whitespace characters in context JavaScript. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of protected information. affect the confidentiality,...
CBL Mariner 2.0 Security Update: golang (CVE-2022-23806)
The version of golang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-23806 advisory. - Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true...
Debian dla-3395 : golang-1.11 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3395 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3395-2 [email protected] https://www.debian.org/lts/security/...
SUSE SLES12 Security Update : google-guest-agent (SUSE-SU-2023:0603-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0603-1 advisory. Updated to version 20230222.00 bsc1202100, bsc1202101 and bumped go API version to 1.18 to address the following bsc1208723: -...
EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-1865)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-1805)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : golang (EulerOS-SA-2022-1805)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...
Debian DLA-2985-1 : golang-1.7 - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2985 advisory. Several vulnerabilities were discovered in the Go programming language. An attacker could trigger a denial-of-service DoS or invalid cryptographic computation...
Debian DLA-2986-1 : golang-1.8 - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2986 advisory. - Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. CVE-2022-23772 -...
EulerOS 2.0 SP5 : golang (EulerOS-SA-2022-1534)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header falsely designating that many files are present can cause ...
openSUSE 15 Security Update : go1.17 (openSUSE-SU-2022:0723-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0723-1 advisory. - Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...
CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element...
CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element...
CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element...
PT-2022-7693 · Google +7 · Go +7
Name of the Vulnerable Software and Affected Versions: Go versions prior to 1.16.14 Go versions 1.17.x prior to 1.17.7 Description: The issue is related to the Curve.IsOnCurve component in the Golang programming language, which is associated with incorrect checking of the return value of a method...
CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element...