Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:38 a.m.2 views

SUSE CVE-2017-15042

An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was...

5.9CVSS6.8AI score0.01105EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2017/10/06 12:19 a.m.27 views

CVE-2017-15042

It was found that smtp.PlainAuth authentication scheme in Go did not verify the TLS requirement properly. A remote man-in-the-middle attacker could potentially use this flaw to sniff SMTP credentials sent by a Go application...

5.9CVSS2.8AI score0.01105EPSS
Exploits0References1
OSV
OSV
added 2017/10/05 9:29 p.m.2 views

UBUNTU-CVE-2017-15042

An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was...

5.9CVSS6.5AI score0.01105EPSS
Exploits0References6
OSV
OSV
added 2017/10/05 9:29 p.m.7 views

AZL-79072 CVE-2017-15042 affecting package golang 1.25.7-1

An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was...

5.9CVSS6.5AI score0.01105EPSS
Exploits0References1
Rows per page
Query Builder