14 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-29510
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows a...
Security Bulletin: IBM App Connect Enterprise Certified Container operator may be affected by CVE-2020-29510
Summary The operator for IBM App Connect Enterprise Certified Container may be affected by CVE-2020-29510 if the operator is made to process XML Vulnerability Details CVEID: CVE-2020-29510 DESCRIPTION: Golang Go could allow a remote attacker to bypass security restrictions, caused by the failure ...
Photon OS 3.0: Go PHSA-2021-3.0-0248
An update of the go package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0248. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
EulerOS 2.0 SP5 : golang (EulerOS-SA-2021-1678)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.CVE-2020-28366 - Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-1678)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.6 : golang (EulerOS-SA-2021-1480)
According to the versions of the golang packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection. CVE-2020-28366 - Go before 1.14.12 and 1.15.x before 1.15.5...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-1006)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : golang (EulerOS-SA-2021-1025)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization...
EulerOS 2.0 SP9 : golang (EulerOS-SA-2021-1006)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization...
CVE-2020-29510
The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...
DEBIAN-CVE-2020-29510
The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...
CVE-2020-29510
The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...
CVE-2020-29510
The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...
CVE-2020-29510
CVE-2020-29510 concerns the encoding/xml package in Go versions 1.15 and earlier, where tokenization round-trips fail to preserve directive semantics. This can let an attacker craft inputs that behave differently across processing stages in affected downstream applications. The connected OSV entr...