10 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-45340
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not...
openSUSE Security Advisory (SUSE-SU-2025:0285-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:0285-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-45340
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...
CVE-2024-45340
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...
CVE-2024-45340
creationtimestamp| type| source ---|---|--- 2025-01-28 01:27:08+00:00| seen| https://infosec.exchange/users/cve/statuses/113903378648184822 2025-01-28 02:16:11+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgrf5gxuw32t 2025-01-28 04:09:13+00:00| seen|...
CVE-2024-45340
CVE-2024-45340 is a Go-related vulnerability where credentials supplied via the new GOAUTH feature were not properly segmented by domain, enabling a malicious server to request credentials it should not access. By default, this affected credentials stored in the user’s .netrc file. The connected ...
CVE-2024-45340 GOAUTH credential leak in cmd/go
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...
CVE-2024-45340
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...
Golang 1.24 < 1.24rc2 Multiple Vulnerabilities
The version of Golang running on the remote host is 1.24 prior to 1.24rc2. It is, therefore, is affected by multiple vulnerabilities: - net/http: Sensitive headers are incorrectly sent after cross-domain redirect CVE-2024-45336 - cmd/go: GOAUTH credential leak due to improper domain segmentation...