Lucene search
K

50 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/06/27 7:38 p.m.2 views

Security Bulletin: IBM Storage Ceph is vulnerable to Code Injection in Golang (CVE-2023-29402)

Summary Golang is used by IBM Storage Ceph in Grafana. CVE-2023-29402 This bulletin identifies the steps to take to address the vulnerability in Golang. Vulnerability Details CVEID:CVE-2023-29402 DESCRIPTION: The go command may generate unexpected code at build time when using cgo. This may resul...

9.8CVSS7.2AI score0.01708EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.12 views

Alibaba Cloud Linux 3 : 0055: go-toolset:rhel8 (ALINUX3-SA-2023:0055)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0055 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-29402: The go command may generat...

9.8CVSS7.5AI score0.01837EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 4:3 a.m.85 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for October 2023

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF026 and 23.0.1-IF004. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: python-requests could allow a remote attacker to obtain sensitive information, caused by the leaking of...

9.8CVSS10AI score0.60679EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:57 a.m.47 views

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for Watson AIOps version 4.2.0 Vulnerability Details CVEID:CVE-2023-24539 DESCRIPTION: Go is vulnerable to HTML injection. A remote attacker could inject malicious HTML code into a template containing multiple actions separated by a...

9.8CVSS9.7AI score0.01837EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.16 views

Azure Linux 3.0 Security Update: golang / msft-golang (CVE-2023-29402)

The version of golang / msft-golang installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-29402 advisory. - The go command May generate unexpected code at build time when using cgo. This May result in...

9.8CVSS7AI score0.01708EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/08/14 8:43 p.m.21 views

CVE-2023-29402 affecting package golang for versions less than 1.22.7-2

CVE-2023-29402 affecting package golang for versions less than 1.22.7-2. An upgraded version of the package is available that resolves this issue...

9.8CVSS9.7AI score0.01708EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/06/26 9:22 a.m.57 views

Important: Red Hat Security Advisory: Updated rhceph-5.3 container image and security update

Updated rhceph-5.3 container image is now available in the Red Hat Ecosystem Catalog. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.3AI score0.01837EPSS
Exploits0References14
CBLMariner
CBLMariner
added 2024/02/25 3:0 a.m.37 views

CVE-2023-29402 affecting package golang for versions less than 1.21.6-1

CVE-2023-29402 affecting package golang for versions less than 1.21.6-1. A patched version of the package is available...

9.8CVSS8.7AI score0.01708EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/02/25 3:0 a.m.12 views

CVE-2023-29402 affecting package golang for versions less than 1.21.6-1

CVE-2023-29402 affecting package golang for versions less than 1.21.6-1. A patched version of the package is available...

9.8CVSS9.8AI score0.01708EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.30 views

EulerOS 2.0 SP10 : golang (EulerOS-SA-2023-2786)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization...

9.8CVSS7.5AI score0.02081EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.35 views

EulerOS 2.0 SP11 : golang (EulerOS-SA-2023-2842)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which...

9.8CVSS7.5AI score0.01837EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/12/27 12:0 a.m.89 views

Oracle TimesTen 18.x < 18.1.4.39.0, 22.x < 22.1.1.18.0 Multiple Vulnerabilities (October 2023 CPU)

The version of Oracle TimesTen installed on the remote host is 18.x prior to 18.1.4.39.0 or 22.x prior to 22.1.1.18.0. It is, therefore, affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory: - Security-in-Depth issue in the TimesTen In-Memory Database product of...

9.8CVSS6.8AI score0.02459EPSS
Exploits1References7
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/10 8:58 p.m.52 views

Security Bulletin: Multiple vulnerabilities affect IBM Db2® REST

Summary IBM has released the below fix for IBM Db2® REST in response to multiple vulnerabilities found in multiple components. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-29402 DESCRIPTION: Golang Go could allow a remote attacker to execute arbitrary code on the...

9.8CVSS10AI score0.01837EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/29 8:59 p.m.44 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in Golang Go [CVE-2023-29402]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in Golang Go, caused by the generation of unexpected code at build time when using cgo CVE-2023-29402. Golang Go is included as part of the operators used by our Speech Services. This...

9.8CVSS9.8AI score0.01708EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/25 5:11 p.m.51 views

Security Bulletin: IBM Storage Protect Server is susceptible to numerous vulnerabilities due to Golang Go (CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-29406, CVE-2023-29400, CVE-2023-24540, CVE-2023-24539, X-Force 250518)

Summary Golang Go is used by the IBM Storage Protect Server OSSM component. The vulnerabilities in the product component have been addressed. Vulnerability Details CVEID:CVE-2023-29403 DESCRIPTION: Golang Go could allow a local authenticated attacker to gain elevated privileges on the system,...

9.8CVSS9.8AI score0.01837EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2023/09/20 12:0 a.m.39 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-2842)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.01837EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/09/20 12:0 a.m.36 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-2859)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.01837EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/09/11 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-2786)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.02081EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/09/11 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-2810)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.02081EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2023/08/30 3:15 p.m.173 views

CVE-2023-29402 affecting package golang for versions less than 1.20.7-1

CVE-2023-29402 affecting package golang for versions less than 1.20.7-1. A patched version of the package is available...

9.8CVSS9.7AI score0.01708EPSS
Exploits0
Rows per page
Query Builder