Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:45 p.m.5 views

CVE-2022-29804

Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack...

7.5CVSS9.4AI score0.0187EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/19 8:16 p.m.32 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to several issues due to go compiler ( CVE-2022-29804, CVE-2022-30580, CVE-2022-30629, CVE-2022-30634 )

Summary Golang compiler is used by IBM Cloud Pak for Data to build various binaries. CVE-2022-29804, CVE-2022-30580, CVE-2022-30629, CVE-2022-30634 Vulnerability Details CVEID:CVE-2022-29804 DESCRIPTION: Golang Go could allow a local attacker to bypass security restrictions, caused by a flaw in t...

7.8CVSS7.9AI score0.0187EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2023/05/31 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2023:2312-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.9AI score0.05623EPSS
Exploits9References34
OpenVAS
OpenVAS
added 2022/11/14 12:0 a.m.36 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2731)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.3AI score0.89436EPSS
Exploits15References4
Tenable Nessus
Tenable Nessus
added 2022/11/14 12:0 a.m.48 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-2731)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates.An attacker coul...

8.1CVSS7.3AI score0.89436EPSS
Exploits15References5
OpenVAS
OpenVAS
added 2022/11/03 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2651)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.9AI score0.02593EPSS
Exploits7References2
OSV
OSV
added 2022/08/10 8:15 p.m.7 views

AZL-79118 CVE-2022-29804 affecting package golang 1.25.7-1

Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack...

7.5CVSS6.9AI score0.0187EPSS
Exploits0References1
OSV
OSV
added 2022/08/10 8:15 p.m.1 views

BELL-CVE-2022-29804 CVE-2022-29804 does not affect BellSoft software

Bulletin has no description...

7.5CVSS7.1AI score0.0187EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/08/10 8:15 p.m.43 views

CVE-2022-29804

Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack...

7.5CVSS6.9AI score0.0187EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/08/09 12:0 a.m.23 views

CVE-2022-29804 Path traversal via Clean on Windows in path/filepath

Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack...

7.8AI score0.0187EPSS
Exploits0References5
CVE
CVE
added 2022/08/09 12:0 a.m.177 views

CVE-2022-29804

CVE-2022-29804 : The Go standard library’s filepath.Clean on Windows incorrectly converts certain invalid paths into valid absolute paths, enabling potential directory traversal. Affected: Go before 1.17.11 and Go before 1.18.3 on Windows. Root cause: incorrect path normalization in path/filepath...

7.5CVSS7.5AI score0.0187EPSS
Exploits0References5Affected Software1
ALT Linux
ALT Linux
added 2022/06/14 12:0 a.m.190 views

Security fix for the ALT Linux 10 package golang version 1.17.11-alt1.p10

1.17.11-alt1.p10 built June 14, 2022 Alexey Shabalin in task 301915 --- June 12, 2022 Alexey Shabalin - New version 1.17.11 Fixes: CVE-2022-30580, CVE-2022-30634, CVE-2022-30629, CVE-2022-29804...

3.3AI score0.0187EPSS
Exploits2
ALT Linux
ALT Linux
added 2022/06/12 12:0 a.m.156 views

Security fix for the ALT Linux 10 package golang version 1.18.3-alt1

June 12, 2022 Alexey Shabalin 1.18.3-alt1 - New version 1.18.3 Fixes: CVE-2022-30580, CVE-2022-30634, CVE-2022-30629, CVE-2022-29804...

7.9AI score0.0187EPSS
Exploits2
OpenVAS
OpenVAS
added 2022/06/08 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2022:2004-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.9AI score0.0187EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2022/06/08 12:0 a.m.26 views

openSUSE: Security Advisory for go1.18 (SUSE-SU-2022:2005-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS8.9AI score0.0187EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2022/06/08 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2022:2005-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.9AI score0.0187EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2022/06/08 12:0 a.m.43 views

SUSE SLED15 / SLES15 Security Update : go1.17 (SUSE-SU-2022:2004-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2004-1 advisory. - Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go...

7.8CVSS7.7AI score0.0187EPSS
Exploits2References14
Tenable Nessus
Tenable Nessus
added 2022/06/07 12:0 a.m.57 views

FreeBSD : go -- multiple vulnerabilities (15888c7e-e659-11ec-b7fe-10c37b4ac2ea)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 15888c7e-e659-11ec-b7fe-10c37b4ac2ea advisory. - The Go project reports: crypto/rand: rand.Read hangs with extremely large buffers On Windows...

7.8CVSS7.4AI score0.0187EPSS
Exploits2References10
Rows per page
Query Builder