44 matches found
Azure Linux 3.0 Security Update: python-tensorboard (CVE-2019-16276)
The version of python-tensorboard installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-16276 advisory. - Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. CVE-2019-16276 Note tha...
MiracleLinux 8 : go-toolset:rhel8 (AXSA:2020-275:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-275:01 advisory. golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling CVE-2019-16276 golang: invalid public key causes...
Linux Distros Unpatched Vulnerability : CVE-2019-16276
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. CVE-2019-16276 Note that Nessus relies on the presence of the package as reported by th...
CVE-2019-16276 affecting package python-tensorboard for versions less than 2.16.2-2
CVE-2019-16276 affecting package python-tensorboard for versions less than 2.16.2-2. An upgraded version of the package is available that resolves this issue...
Oracle Linux 7 : kubernetes (ELSA-2019-4816)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4816 advisory. - CVE-2019-16276 Kubernetes Vulnerabilities Allow Authentication Bypass, DoS - CVE-2019-16276 Support patching flannel/dashboard on upgrade -...
SUSE CVE-2019-16276
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling...
Debian: Security Advisory (DLA-2591-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2592-1] golang-1.8 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2592-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler March 13, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2591-1] golang-1.7 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2591-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler March 13, 2021 https://wiki.debian.org/LTS -...
CentOS 8 : go-toolset:rhel8 (CESA-2020:0329)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:0329 advisory. - golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling CVE-2019-16276 - golang: invalid public key causes...
Security Bulletin: Vulnerability in Go programming language affects IBM Spectrum Protect Server (CVE-2019-16276)
Summary The Go programming language could allow a remote attacker to bypass security restrictions which affects the IBM Spectrum Protect Server. Vulnerability Details CVEID: CVE-2019-16276 DESCRIPTION: Golang could allow a remote attacker to bypass security restrictions, caused by improper...
Security Bulletin: IBM Event Streams is affected by Go vulnerability CVE-2019-16276
Summary IBM Event Streams has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-16276 DESCRIPTION: Golang could allow a remote attacker to bypass security restrictions, caused by improper validation of HTTP header. By sending a specially-crafted request, an attacker cou...
Security Bulletin: A Security Vulnerability affects IBM Cloud Private - Go (CVE-2019-16276)
Summary A Security Vulnerability affects IBM Cloud Private - Go Vulnerability Details CVEID: CVE-2019-16276 DESCRIPTION: Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. CVSS Base score: 5.3 CVSS Temporal Score: See:...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.2.21 openshift/installer security update
An update for ose-installer-artifacts-container and ose-installer-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...
Security Bulletin: IBM API Connect is impacted by vulnerabilities in Golang (CVE-2019-17596 CVE-2019-16276)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-17596 DESCRIPTION: Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such...
RHEL 8 : go-toolset:rhel8 (RHSA-2020:0329)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0329 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: HTTP/1.1...
Moderate: Red Hat Security Advisory: go-toolset:rhel8 security update
An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
kubernetes security update
kubernetes 1.12.10-1.0.10 - CVE-2019-16276 Kubernetes Vulnerabilities Allow Authentication Bypass, DoS 1.12.10-1.0.9 - Define rolling update for flannel 1.12.10-1.0.8 - Modify flannel/dashboard image tags to use images that have the cve fix kubeadm-ha-setup 0.0.2-1.0.68 - Pull image prior to upda...
Amazon Linux 2 : golang, --advisory ALAS2-2020-1383 (ALAS-2020-1383)
The version of golang installed on the remote host is prior to 1.13.4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1383 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C...
Amazon Linux AMI : golang (ALAS-2020-1336)
The version of golang installed on the remote host is prior to 1.13.4-1.57. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1336 advisory. It was discovered that net/http through net/textproto in golang does not correctly interpret HTTP requests where an HTTP header...