EUVD-2021-26466

Malware in sbrugna...

RHEL 7 : golang (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - golang: arbitrary command execution via VCS path CVE-2018-7187 - golang: Command-line arguments may...

Rocky Linux 8 : grafana (RLSA-2021:4226)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4226 advisory. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call...

GHSA-X279-68RR-JP4P Blst vulnerable to incorrect results for some inputs in blst_fp_eucl_inverse function

Impact Blst versions v0.3.0 to v0.3.2 can produce the incorrect outputs for some inputs to the blstfpeuclinverse function. This could theoretically result in the creation of an invalid signature from correct inputs. However, fuzzing of higher level functions such as sign and verify were unable to...

GO-2021-0235 Incorrect operations on the P-224 curve in crypto/elliptic

The P224 Curve implementation can in rare circumstances generate incorrect outputs, including returning invalid points from ScalarMult...

[SECURITY] [DSA 4848-1] golang-1.11 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4848-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 08, 2021 https://www.debian.org/security/faq -...

Insecure Cryptographic Functions

crypto/elliptic in github.com/golang/go uses Insecure Cryptographic Functions. The P224 Curve may generate incorrect outputs, including returning invalid points from ScalarMult...