Linux Distros Unpatched Vulnerability : CVE-2023-45285

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Using go get to fetch a module with the .git suffix may unexpectedly fallback to the insecure git:// protocol if the module is unavailable via the secure https:...

BIT-GOLANG-2023-45285 Command 'go get' may unexpectedly fallback to insecure git in cmd/go

Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module...

RHEL 9 : golang (RHSA-2024:1131)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1131 advisory. The golang packages provide the Go programming language compiler. Security Fixes: golang: net/http/internal: Denial of Service DoS via...

CVE-2023-45285

Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module...

CVE-2023-45285

Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module...

PT-2023-8188 · Go +9 · Go +9

Name of the Vulnerable Software and Affected Versions: Go versions prior to 1.21.5 Go versions prior to 1.20.12 Description: The issue is related to the use of the "go get" command to fetch modules with the ".git" suffix. If the module is unavailable via secure protocols, it may fallback to the...