Lucene search
+L

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2020-29510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows a...

9.8CVSS6.8AI score0.02047EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/20 11:33 a.m.21 views

Security Bulletin: IBM App Connect Enterprise Certified Container operator may be affected by CVE-2020-29510

Summary The operator for IBM App Connect Enterprise Certified Container may be affected by CVE-2020-29510 if the operator is made to process XML Vulnerability Details CVEID: CVE-2020-29510 DESCRIPTION: Golang Go could allow a remote attacker to bypass security restrictions, caused by the failure ...

9.8CVSS6.5AI score0.02047EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/06/04 12:0 a.m.56 views

Photon OS 3.0: Go PHSA-2021-3.0-0248

An update of the go package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0248. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

9.8CVSS7.8AI score0.03646EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2021/03/24 12:0 a.m.31 views

EulerOS 2.0 SP5 : golang (EulerOS-SA-2021-1678)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.CVE-2020-28366 - Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument...

9.8CVSS6.8AI score0.02369EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/03/24 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-1678)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.02369EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.38 views

EulerOS Virtualization 3.0.6.6 : golang (EulerOS-SA-2021-1480)

According to the versions of the golang packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection. CVE-2020-28366 - Go before 1.14.12 and 1.15.x before 1.15.5...

9.8CVSS6.8AI score0.02369EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/01/08 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2021-1006)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.02369EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/01/04 12:0 a.m.38 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2021-1025)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization...

9.8CVSS6.8AI score0.02369EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/01/04 12:0 a.m.43 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2021-1006)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization...

9.8CVSS6.8AI score0.02369EPSS
Exploits0References6
NVD
NVD
added 2020/12/14 8:15 p.m.23 views

CVE-2020-29510

The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS9.3AI score0.02047EPSS
Exploits0References2
OSV
OSV
added 2020/12/14 8:15 p.m.4 views

DEBIAN-CVE-2020-29510

The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

5.6CVSS7.3AI score0.02047EPSS
Exploits0References1
OSV
OSV
added 2020/12/14 8:15 p.m.31 views

CVE-2020-29510

The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

5.6CVSS9.3AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2020/12/14 8:15 p.m.26 views

CVE-2020-29510

The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications...

9.8CVSS6.9AI score0.02047EPSS
Exploits0References2
CVE
CVE
added 2020/12/14 7:57 p.m.109 views

CVE-2020-29510

CVE-2020-29510 concerns the encoding/xml package in Go versions 1.15 and earlier, where tokenization round-trips fail to preserve directive semantics. This can let an attacker craft inputs that behave differently across processing stages in affected downstream applications. The connected OSV entr...

9.8CVSS6.1AI score0.02047EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder