19 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-28327
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. CVE-2022-28327 Note that Nessus...
OESA-2025-1122 etcd security update
%expand: Security Fixes: encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.CVE-2022-24675 regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.CVE-2022-24921 The gener...
BIT-GOLANG-2022-28327
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input...
SUSE CVE-2022-28327
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input...
Oracle Linux 8 : go-toolset:ol8addon (ELSA-2022-17956)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-17956 advisory. go-toolset 1.18.3-1 - Update to golang 1.18.3 golang 1.18.3-1.0.1 - Rebase to 1.18.3 by adding upstream patches to the 1.18.0 openssl-fips - Modify...
EulerOS 2.0 SP5 : golang (EulerOS-SA-2022-1890)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to...
Uncaught Exception
Overview std/crypto/elliptic is a Go standard library package std/crypto/elliptic Affected versions of this package are vulnerable to Uncaught Exception. Go Vulnerability Report: via the P256.ScalarMult or P256.ScalarBaseMult functions when provided with a crafted scalar input longer than 32 byte...
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.
...
SUSE SLED15 / SLES15 Security Update : go1.17 (SUSE-SU-2022:1411-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1411-1 advisory. - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of...
Google Go has an unspecified vulnerability (CNVD-2022-55213)
Google Go is a statically strongly typed, compiled, concurrent, and garbage collected programming language from Google Google, U.S.A. A vulnerability exists in versions of Google Go prior to 1.17.9 and prior to 1.18.1, which stems from the generic P-256 feature in crypto/elliptic allowing long...
CVE-2022-28327
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input...
CVE-2022-28327
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input...
Input validation
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input...
UBUNTU-CVE-2022-28327
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input...
CVE-2022-28327
Removed by vendor...
CVE-2022-28327
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input...
CVE-2022-28327
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input...
CVE-2022-28327
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input...
CVE-2022-28327
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input...