Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:14 a.m.8 views

CVE-2022-41716

Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...

7.5CVSS6.6AI score0.00778EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2022-41716

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid...

7.5CVSS6.7AI score0.00778EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/05/31 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2023:2312-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.9AI score0.05623EPSS
Exploits9References34
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/31 5:9 p.m.41 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in Golang Go (CVE-2022-41716)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in Golang Go caused by improper checking for invalid environment variable values in syscall CVE-2022-41716. Golang Go is included as an operator as part of the Base OS used by o...

7.5CVSS7.3AI score0.00778EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/16 3:24 p.m.45 views

Security Bulletin: CVE-2022-2879, CVE-2022-41715, CVE-2022-2880, CVE-2022-41717, CVE-2022-41716 may affect IBM CICS TX Advanced

Summary Multiple CVEs - CVE-2022-2879, CVE-2022-41715, CVE-2022-2880, CVE-2022-41717, CVE-2022-41716 may affect IBM CICS TX Advanced . IBM CICS TX Advanced has addressed the applicable CVEs. Relevant go related packages have been upgraded. Vulnerability Details CVEID:CVE-2022-2879 DESCRIPTION:...

7.5CVSS7.2AI score0.05623EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/03/07 12:0 a.m.43 views

Oracle Linux 8 : ol8addon (ELSA-2023-18908)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-18908 advisory. - Addresses CVE-2021-34558 - Include patch to fix CVE-2019-9741 - Fixes CVE-2019-6486 - Fixes CVE-2018-16873, CVE-2018-16874, CVE-2018-16875 - Fix...

9.8CVSS6.7AI score0.66252EPSS
Exploits3References9
OpenVAS
OpenVAS
added 2023/02/10 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-1357)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.01544EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.40 views

Amazon Linux 2 : golist (ALAS-2023-1913)

The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1913 advisory. Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to...

7.5CVSS7AI score0.01544EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2023/01/09 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-1035)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.01544EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/01/09 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-1124)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.01544EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/01/09 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-1010)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.01544EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/12/09 12:0 a.m.35 views

Amazon Linux 2022 : golang (ALAS2022-2022-239)

The version of golang installed on the remote host is prior to 1.19.3-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-239 advisory. - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read t...

7.5CVSS7AI score0.01544EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/12/07 12:0 a.m.37 views

Amazon Linux 2 : golang (ALAS-2022-1887)

The version of golang installed on the remote host is prior to 1.18.8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1887 advisory. Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to...

7.5CVSS7AI score0.01544EPSS
Exploits0References7
Mageia
Mageia
added 2022/11/27 8:51 p.m.61 views

Updated golang packages fix security vulnerability

Fixed unsanitized NUL in environment variables in syscalls, os/exec go56327 bsc1204941. CVE-2022-41716 runtime: lock count" fatal error when cgo is enabled go56308...

7.5CVSS2.2AI score0.00778EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/11/19 12:0 a.m.38 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.18 (SUSE-SU-2022:4055-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4055-1 advisory. Update to go 1.18.8 released 2022-11-01 bsc1193742: Security fixes: - CVE-2022-41716: Fixed unsanitized N...

7.5CVSS6.9AI score0.00778EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/11/18 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2022:4055-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.00778EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/11/18 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2022:4054-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.00778EPSS
Exploits0References2
OSV
OSV
added 2022/11/17 2:37 p.m.7 views

SUSE-SU-2022:4055-1 Security update for go1.18

This update for go1.18 fixes the following issues: Update to go 1.18.8 released 2022-11-01 bsc1193742: Security fixes: - CVE-2022-41716: Fixed unsanitized NUL in environment variables in syscalls, os/exec go56327 bsc1204941. Bugfixes: - runtime: lock count' fatal error when cgo is enabled go56308...

7.5CVSS7.6AI score0.00778EPSS
Exploits0References4
ALT Linux
ALT Linux
added 2022/11/03 12:0 a.m.44 views

Security fix for the ALT Linux 10 package golang version 1.19.3-alt1

Nov. 3, 2022 Alexey Shabalin 1.19.3-alt1 - New version 1.19.3 Fixes: CVE-2022-41716...

7.7AI score0.00778EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2022/11/02 4:15 p.m.46 views

CVE-2022-41716

Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...

7.5CVSS6.7AI score0.00778EPSS
Exploits0References4
Rows per page
Query Builder