15 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-45340
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not...
The vulnerability of the cmd/go component of the GOAUTH function in the Golang programming language library allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the cmd/go function GOAUTH in the Golang programming language library is related to insufficient protection for registration data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
BIT-GOLANG-2024-45340
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.24 (SUSE-SU-2025:0285-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0285-1 advisory. This update ships go1.24rc2 bsc1236217. - CVE-2024-45341: Properly check for IPv6 hosts in URIs...
CVE-2024-45340
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...
CVE-2024-45340
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...
CVE-2024-45340
CVE-2024-45340 is a Go-related vulnerability where credentials supplied via the new GOAUTH feature were not properly segmented by domain, enabling a malicious server to request credentials it should not access. By default, this affected credentials stored in the user’s .netrc file. The connected ...
CVE-2024-45340 GOAUTH credential leak in cmd/go
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...
CVE-2024-45340 GOAUTH credential leak in cmd/go
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...
CVE-2024-45340
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...
GO-2025-3383 GOAUTH credential leak in cmd/go
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...
SUSE CVE-2024-45340
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless otherwise set, this only affected credentials stored in the users .netrc file...
PT-2025-2691 · Softwarex +1 · Softwarex +1
Name of the Vulnerable Software and Affected Versions: SoftwareX affected versions not specified Description: The issue concerns the new GOAUTH feature, where credentials were not properly segmented by domain. This allowed a malicious server to request credentials it should not have access to. By...
WordPress GOAuth Plugin <= 2.20 is vulnerable to Cross Site Scripting (XSS)
Software GOAuth Type Plugin Vulnerable versions = 2.20 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1aeda2a1b24f Credits Rafie Muhammad Patchstack Required privilege...
WordPress GOAuth plugin <= 2.19 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress GOAuth plugin versions = 2.19. Solution Update the WordPress GOAuth plugin to the latest available version at least 2.20...