476 matches found
RHCOS 4 : OpenShift Container Platform 4.10.25 (RHSA-2022:5729)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5729 advisory. - golang: cmd/go: misinterpretation of branch names can lead to incorrect access control CVE-2022-23773 - golang: crypto/elliptic:...
TencentOS Server 3: go-toolset:rhel8 (TSSA-2022:0131)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0131 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Fedora 37 : golang (2022-bf188fb91a)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-bf188fb91a advisory. Automatic update for golang-1.18.4-1.fc37. Changelog Wed Jul 13 2022 Alejandro Sez - 1.18.4-1 - Update to 1.18.4 Sun Jun 19 2022 Robert-Andr Mauchin...
RHEL 8 : Release of OpenShift Serverless Client kn 1.24.0 (Important) (RHSA-2022:6042)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6042 advisory. Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered a...
RHEL 8 : Red Hat OpenShift Enterprise (RHSA-2023:3914)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3914 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
Rocky Linux 8 : go-toolset:rhel8 (RLSA-2022:5337)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5337 advisory. - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. CVE-2022-24675 - regexp.Compile ...
Security Bulletin: IBM Storage Ceph is vulnerable to a stack overflow attack in Golang (CVE-2022-24675)
Summary Golang is used by IBM Storage Ceph as part of RGW and in assorted other locations. CVE-2022-24675 Vulnerability Details CVEID: CVE-2022-24675 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a stack-based buffer overflow in encoding/pem in the Decode feature. By...
Important: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update
Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a...
SUSE: Security Advisory (SUSE-SU-2023:2312-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: Service Telemetry Framework 1.5 security update
An update is now available for Service Telemetry Framework 1.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Important: golang-github-cpuguy83-md2man
Issue Overview: 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling,...
CBL Mariner 2.0 Security Update: golang (CVE-2022-24675)
The version of golang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24675 advisory. - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of...
Security Bulletin: Multiple vulnerabilities in Go may affect IBM CICS TX Standard
Summary Following vulnerabilities in Go may affect IBM CICS TX Standard - CVE-2021-29923, CVE-2022-1705, CVE-2022-1962, CVE-2022-24675, CVE-2022-27664, CVE-2022-28131, CVE-2022-28327, CVE-2022-30580, CVE-2022-30629, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635,...
Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for its use of Golang Go (CVE-2022-24921, CVE-2022-28327, CVE-2022-24675)
Summary IBM Cloud Pak for Multicloud Management Monitoring has patched its use of Golang Go due to vulnerabilities with that runtime. Vulnerability Details CVEID:CVE-2022-24921 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validation. By using a...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Golang Go (CVE-2022-24675)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Golang Go, caused by a stack-based buffer overflow in encoding/pem in the Decode feature CVE-2022-24675. A remote attacker could exploit this vulnerability to cause the program to crash...
Fedora: Security Advisory for android-tools (FEDORA-2022-9a9a638d09)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security Bulletin: IBM App Connect Enterprise Certified Container operator and IntegrationServer operands may be vulnerable to denial of service due to CVE-2022-24675
Summary The IBM App Connect Enterprise Certified Container operator and IntegrationServer operands utilise Golang Go. The IBM App Connect Enterprise Certified Container operator and IntegrationServer operands may be vulnerable to denial of service. This bulletin provides patch information to...
Fedora: Security Advisory for golang-github-distribution-3 (FEDORA-2022-13ad572b5a)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for golang-github-distribution-3 (FEDORA-2022-739c7a0058)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
EulerOS 2.0 SP3 : golang (EulerOS-SA-2022-2610)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. CVE-2022-24675 - The gener...