Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-45284

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as COM1 , and reserved...

5.3CVSS7.1AI score0.00903EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/01 5:51 p.m.52 views

Security Bulletin: Vulnerabilities in Golang Go affect IBM Cloud Pak System

Summary Vulnerabilities in Golang Go affect IBM Cloud Pak System. CVE-2023-45284, CVE-2023-45283 Vulnerability Details CVEID:CVE-2023-45284 DESCRIPTION: Golang Go could provide weaker than expected security, caused by the failure to correctly detect reserved device names in some cases by the...

7.5CVSS6.4AI score0.02758EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.30 views

Photon OS 4.0: Go PHSA-2023-4.0-0531

An update of the go package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0531. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid204491...

7.5CVSS7.6AI score0.02758EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/11 9:37 p.m.39 views

Security Bulletin: IBM Cloud Pak for Data Scheduling is vulnerable to directory traversal due to golang compiler ( CVE-2023-45283,CVE-2023-45284, CVE-2023-45285 )

Summary Golang compiler is used by IBM Cloud Pak for Data Scheduling to create the scheduler binaries. Vulnerability Details CVEID:CVE-2023-45283 DESCRIPTION: Golang Go could allow a remote attacker to traverse directories on the system, caused by the failure to recognize paths with a ??\ prefix...

7.5CVSS6.6AI score0.02758EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.29 views

openSUSE: Security Advisory for go1.21 (SUSE-SU-2023:4709-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.01208EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.26 views

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:4470-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.02758EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.29 views

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:4708-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.01208EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.28 views

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:4930-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.01208EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.38 views

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:4472-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.6AI score0.99999EPSS
Exploits19References4
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.46 views

openSUSE: Security Advisory for go1.21 (SUSE-SU-2023:4469-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.99999EPSS
Exploits19References4
CBLMariner
CBLMariner
added 2024/02/25 3:0 a.m.90 views

CVE-2023-45284 affecting package golang for versions less than 1.21.6-1

CVE-2023-45284 affecting package golang for versions less than 1.21.6-1. A patched version of the package is available...

5.3CVSS6.5AI score0.00903EPSS
Exploits0
Amazon
Amazon
added 2024/01/09 12:0 a.m.45 views

Medium: golang

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

7.5CVSS7AI score0.02758EPSS
Exploits0
OSV
OSV
added 2023/12/20 2:25 p.m.7 views

SUSE-SU-2023:4930-1 Security update for go1.20-openssl

This update for go1.20-openssl fixes the following issues: Update to version 1.20.12.1: - CVE-2023-45285: cmd/go: git VCS qualifier in module path uses git:// scheme bsc1217834. - CVE-2023-45284: path/filepath: Clean removes ending slash for volume on Windows in Go 1.21.4 bsc1216943. -...

7.5CVSS6AI score0.01208EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/12/12 12:0 a.m.30 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.20 (SUSE-SU-2023:4708-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4708-1 advisory. Update to go1.20.12: - CVE-2023-45285: cmd/go: git VCS qualifier in module path uses git:// sche...

7.5CVSS6.8AI score0.01208EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2023/11/17 12:0 a.m.29 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.20 (SUSE-SU-2023:4470-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4470-1 advisory. go1.20.11 released 2023-11-07 includes security fixes to the path/filepath package, as well as b...

7.5CVSS6.7AI score0.02758EPSS
Exploits0References8
OSV
OSV
added 2023/11/16 6:1 p.m.28 views

SUSE-SU-2023:4472-1 Security update for go1.20-openssl

This update for go1.20-openssl fixes the following issues: Update to version 1.20.11.1 cut from the go1.20-openssl-fips branch at the revision tagged go1.20.11-1-openssl-fips. Update to go1.20.11 go1.20.11 released 2023-11-07 includes security fixes to the path/filepath package, as well as bug...

8.1CVSS8.2AI score0.99999EPSS
Exploits19References11
OSV
OSV
added 2023/11/16 5:59 p.m.28 views

SUSE-SU-2023:4469-1 Security update for go1.21-openssl

This update for go1.21-openssl fixes the following issues: Update to version 1.21.4.1 cut from the go1.21-openssl-fips branch at the revision tagged go1.21.4-1-openssl-fips. Update to go1.21.4 go1.21.4 released 2023-11-07 includes security fixes to the path/filepath package, as well as bug fixes ...

9.8CVSS7.9AI score0.99999EPSS
Exploits19References23
CVE
CVE
added 2023/11/09 4:30 p.m.159 views

CVE-2023-45284

CVE-2023-45284 concerns Windows path/filepath IsLocal misclassification of reserved device names. In affected builds, names like COM1 (with trailing space) or COM/LPT followed by superscript digits could be incorrectly treated as local, enabling local checks to pass when they should not. The fix ...

5.3CVSS6.2AI score0.00903EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/11/09 4:30 p.m.28 views

CVE-2023-45284 Incorrect detection of reserved device names on Windows in path/filepath

On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports the...

6.5AI score0.00903EPSS
Exploits0References4
Rows per page
Query Builder