4 matches found
RHEL 8 : Release of OpenShift Serverless Client kn 1.20.0 (Moderate) (RHSA-2022:0432)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0432 advisory. Red Hat OpenShift Serverless Client kn 1.20.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.20.0. The kn CLI is delivered a...
golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet
A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
Moderate: go-toolset:rhel8 security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet CVE-2021-29923 For more details about the security issues, including the...
UBUNTU-CVE-2021-29923
Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which in some situations allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR...