CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в golang-1.19

The handling of certain types of invalid zip files by the archive/zip package differs from the behavior of most zip implementations. This discrepancy could be exploited to create a zip file with contents that vary depending on the implementation used to read the file. The archive/zip package now...

5.5CVSS6.8AI score0.00007EPSS

Exploits0References2

Tenable Nessus•added 2025/12/27 12:0 a.m.•2 views

NewStart CGSL MAIN 7.02 : golang Multiple Vulnerabilities (NS-SA-2025-0254)

The remote NewStart CGSL host, running version MAIN 7.02, has golang packages installed that are affected by multiple vulnerabilities: - The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true...

9.8CVSS7AI score0.01018EPSS

Exploits0References25

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-22166

Malicious code in bioql PyPI...

5.5CVSS7.2AI score0.00007EPSS

Exploits0References6

Tenable Nessus•added 2025/08/18 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2021-41772

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename...

7.5CVSS7.8AI score0.00062EPSS

Exploits0References2

F5 Networks•added 2025/07/07 9:55 a.m.•7 views

K000152445: Golang vulnerability CVE-2024-24789

Security Advisory Description The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The...

5.5CVSS7.1AI score0.00007EPSS

Exploits0

Tenable Nessus•added 2024/09/12 12:0 a.m.•16 views

EulerOS 2.0 SP10 : golang (EulerOS-SA-2024-2437)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment...

5.5CVSS7.3AI score0.00007EPSS

Exploits0References2

OpenVAS•added 2024/08/09 12:0 a.m.•10 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-2083)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6AI score0.00007EPSS

Exploits0References2

OSV•added 2024/07/05 11:8 a.m.•3 views

OESA-2024-1791 golang security update

. Security Fixes: The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip...

5.5CVSS6.9AI score0.00007EPSS

Exploits0References2

Amazon•added 2024/07/01 12:0 a.m.•1 views

Medium: golang

Issue Overview: The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip...

9.8CVSS7.1AI score0.00172EPSS

Exploits0

OSV•added 2024/06/28 11:8 a.m.•2 views

OESA-2024-1771 golang security update

The Go Programming Language. Security Fixes: The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading t...

5.5CVSS6.9AI score0.00007EPSS

Exploits0References2

OSV•added 2024/06/28 11:8 a.m.•2 views

OESA-2024-1772 golang security update

5.5CVSS6.9AI score0.00007EPSS

Exploits0References2

OSV•added 2024/06/28 11:8 a.m.•2 views

OESA-2024-1769 golang security update

5.5CVSS6.9AI score0.00007EPSS

Exploits0References2

RedhatCVE•added 2024/06/17 5:20 p.m.•23 views

CVE-2024-24789

A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next...

7.5CVSS5.1AI score0.00007EPSS

Exploits0References3

OSV•added 2024/06/07 7:19 a.m.•14 views

BIT-GOLANG-2024-24789 Mishandling of corrupt central directory record in archive/zip

The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...

5.5CVSS6.1AI score0.00007EPSS

Exploits0References8

OSV•added 2024/06/05 4:15 p.m.•27 views

CVE-2024-24789

5.5CVSS5.3AI score

Exploits0References7

OSV•added 2024/06/05 4:15 p.m.•2 views

AZL-52663 CVE-2024-24789 affecting package golang for versions less than 1.22.3-1

5.5CVSS6.7AI score0.00007EPSS

Exploits0References1