Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:14 a.m.9 views

CVE-2019-11841

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

5.9CVSS6.8AI score0.02002EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2023/06/19 12:0 a.m.25 views

Debian: Security Advisory (DLA-3455-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.21052EPSS
Exploits8References4
Debian
Debian
added 2023/06/16 9:31 p.m.46 views

[SECURITY] [DLA 3455-1] golang-go.crypto security update

Debian LTS Advisory DLA-3455-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 16, 2023 https://wiki.debian.org/LTS Package : golang-go.crypto Version : 1:0.0git20181203.505ab14-1+deb10u1 CVE ID : CVE-2019-11840 CVE-2019-11841 CVE-2020-9283 Debian Bug : 95246...

7.5CVSS7AI score0.21052EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2023/06/16 12:0 a.m.43 views

Debian dla-3455 : golang-golang-x-crypto-dev - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3455 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3455-1 [email protected]...

7.5CVSS7.2AI score0.21052EPSS
Exploits8References8
OpenVAS
OpenVAS
added 2020/10/08 12:0 a.m.28 views

Debian: Security Advisory (DLA-2402-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.21052EPSS
Exploits8References4
IBM Security Bulletins
IBM Security Bulletins
added 2019/08/13 9:2 p.m.23 views

Security Bulletin: API Connect V2018 is impacted by vulnerabilities in golang (CVE-2019-11841)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-11841 DESCRIPTION: Golang could allow a remote attacker to conduct spoofing attacks, caused by a flaw in the clearsign package of supplementary Go cryptography libraries. An attacker could...

5.9CVSS1.5AI score0.02002EPSS
Exploits2Affected Software1
OSV
OSV
added 2019/05/22 5:29 p.m.9 views

CVE-2019-11841

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

5.9CVSS5.9AI score0.02002EPSS
Exploits2References7
CVE
CVE
added 2019/05/22 12:0 a.m.376 views

CVE-2019-11841

CVE-2019-11841 concerns a Cleartext Signed Message Spoofing issue in the Clearsign component of supplementary Go cryptography libraries. The OpenPGP clearsign implementation ignores the Hash Armor Header, enabling spoofing of the digest algorithm and, because Armor Header parsing is skipped, allo...

5.9CVSS5.8AI score0.02002EPSS
Exploits2References7Affected Software1
Rows per page
Query Builder