44 matches found
Alibaba Cloud Linux 3 : 0060: go-toolset:rhel8 (ALINUX3-SA-2021:0060)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0060 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-14809: net/url in Go before 1.11....
CVE-2020-28366 affecting package python-tensorboard for versions less than 2.16.2-1
CVE-2020-28366 affecting package python-tensorboard for versions less than 2.16.2-1. An upgraded version of the package is available that resolves this issue...
BELL-CVE-2020-28366 CVE-2020-28366 does not affect BellSoft software
Bulletin has no description...
SUSE CVE-2020-28366
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-2582)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : golang (EulerOS-SA-2021-2582)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection. CVE-2020-28366 Note that Tenable Network Security has extracted the preceding...
CVE-2020-28366 affecting package golang 1.13.15-2
CVE-2020-28366 affecting package golang 1.13.15-2. An upgraded version of the package is available that resolves this issue...
SUSE: Security Advisory (SUSE-SU-2020:3368-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3369-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : golang (EulerOS-SA-2021-1678)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.CVE-2020-28366 - Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-1678)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.6 : golang (EulerOS-SA-2021-1480)
According to the versions of the golang packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection. CVE-2020-28366 - Go before 1.14.12 and 1.15.x before 1.15.5...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Go
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Go. Vulnerability Details CVEID: CVE-2020-28362 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validation by the math/big.Int methods. By sending a specially-crafted...
Security Bulletin: IBM MQ certified container software is vulnerable to multiple vulnerabilities within Golang Go (CVE-2020-28367, CVE-2020-28366)
Summary Multiple injection vulnerabilities were discovered in golang which is used to create the control programs used by IBM MQ certified containers, and the IBM MQ Operator. Vulnerability Details CVEID: CVE-2020-28367 DESCRIPTION: Golang Go could allow a remote attacker to execute arbitrary cod...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-1144)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : go-toolset:rhel8 (CESA-2020:5493)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5493 advisory. - golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS CVE-2020-24553 - golang: math/big: panic during recursive...
EulerOS 2.0 SP8 : golang (EulerOS-SA-2021-1144)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.CVE-2020-28366 - Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument...
Security Bulletin: IBM Cloud Pak for Integration is affected by multiple Go vulnerabilities
Summary IBM Cloud Pak for Integration is vulnerable to Go CVE-2020-28366, CVE-2020-28362, CVE-2020-28367 Vulnerability Details CVEID: CVE-2020-28366 DESCRIPTION: Golang Go could allow a remote attacker to execute arbitrary code on the system, caused by a code injection flaw in go command when cgo...
Medium: golang
Issue Overview: Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. CVE-2020-28362 Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection. CVE-2020-28366 Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection. CVE-2020-28367 Affected Packages: golang Issue...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Serverless Client kn 1.12.0
Red Hat OpenShift Serverless Client kn 1.12.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the C...