9 matches found
RHEL 9 : mcg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding CVE-2022-41723 Note that Nessus has...
Rocky Linux 9 : golang (RLSA-2024:2562)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2562 advisory. - An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining...
Oracle Linux 8 : grafana (ELSA-2024-1646)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1646 advisory. 9.2.10-8 - Rebuild with latest version of golang - resolves CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux...
RHEL 9 : Red Hat build of MicroShift 4.14.19 (RHSA-2024:1566)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1566 advisory. Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the ed...
Rocky Linux 8 : go-toolset:rhel8 (RLSA-2024:1472)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:1472 advisory. - A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled...
Oracle Linux 9 : grafana-pcp (ELSA-2024-1502)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1502 advisory. 5.1.1-2 - Rebuild with latest version of golang - resolves CVE-CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linu...
RHEL 8 : go-toolset:rhel8 (RHSA-2024:1472)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1472 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang-fips/openssl: Memory...
Oracle Linux 9 : golang (ELSA-2024-1462)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1462 advisory. - Fix CVE-2024-1394 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...
PT-2024-2419 · Golang +4 · Golang +4
Name of the Vulnerable Software and Affected Versions: Golang affected versions not specified Description: A memory leak flaw was found in Golang's RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in...