CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-22166

Malicious code in bioql PyPI...

5.5CVSS7.2AI score0.00007EPSS

Exploits0References6

F5 Networks•added 2025/07/07 9:55 a.m.•7 views

K000152445: Golang vulnerability CVE-2024-24789

Security Advisory Description The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The...

5.5CVSS7.1AI score0.00007EPSS

Exploits0

Tenable Nessus•added 2024/09/12 12:0 a.m.•16 views

EulerOS 2.0 SP10 : golang (EulerOS-SA-2024-2437)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment...

5.5CVSS7.3AI score0.00007EPSS

Exploits0References2

OpenVAS•added 2024/08/09 12:0 a.m.•10 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-2083)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6AI score0.00007EPSS

Exploits0References2

Amazon•added 2024/07/01 12:0 a.m.•2 views

Medium: golang

Issue Overview: The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip...

9.8CVSS7.1AI score0.00172EPSS

Exploits0

OSV•added 2024/06/28 11:8 a.m.•2 views

OESA-2024-1771 golang security update

The Go Programming Language. Security Fixes: The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading t...

5.5CVSS6.9AI score0.00007EPSS

Exploits0References2

OSV•added 2024/06/28 11:8 a.m.•2 views

OESA-2024-1772 golang security update

5.5CVSS6.9AI score0.00007EPSS

Exploits0References2

RedhatCVE•added 2024/06/17 5:20 p.m.•23 views

CVE-2024-24789

A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next...

7.5CVSS5.1AI score0.00007EPSS

Exploits0References3

OSV•added 2024/06/07 7:19 a.m.•14 views

BIT-GOLANG-2024-24789 Mishandling of corrupt central directory record in archive/zip

The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...

5.5CVSS6.1AI score0.00007EPSS

Exploits0References8

OSV•added 2024/06/05 4:15 p.m.•27 views

CVE-2024-24789

5.5CVSS5.3AI score

Exploits0References7

OSV•added 2024/06/05 4:15 p.m.•3 views

AZL-52663 CVE-2024-24789 affecting package golang for versions less than 1.22.3-1

5.5CVSS6.7AI score0.00007EPSS

Exploits0References1