11 matches found
EulerOS 2.0 SP13 : golang (EulerOS-SA-2025-2500)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a...
EulerOS 2.0 SP10 : golang (EulerOS-SA-2025-2386)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath '', '.', a...
EulerOS 2.0 SP12 : golang (EulerOS-SA-2025-2358)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can...
EulerOS 2.0 SP10 : golang (EulerOS-SA-2025-2414)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath '', '.', a...
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2025-1161)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1161 advisory. os/exec: LookPath may return unexpected paths. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath , ., and...
OESA-2025-2182 golang security update
. Security Fixes: The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS e.g. Git, but contains metadata for another VC...
OESA-2025-2180 golang security update
. Security Fixes: A vulnerability was found in Google Go up to 1.23.11/1.24.5 Programming Language Software. It has been declared as problematic.The manipulation of the argument PATH with an unknown input leads to a unknown weakness.As an impact it is known to affect integrity.Upgrading to versio...
AZL-66150 CVE-2025-47907 affecting package golang for versions less than 1.23.12-1
Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...
UBUNTU-CVE-2025-21729
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix race between cancelhwscan and hwscan completion The rtwdev-scanning flag isn't protected by mutex originally, so cancelhwscan can pass the condition, but suddenly hwscan completion unset the flag and calls...
CVE-2024-35946 wifi: rtw89: fix null pointer access when abort scan
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using the actual scanning vif...
Qualys Cloud Platform (VM, PC) 8.17 New Features
Qualys Cloud Platform VM, PC version 8.17 contains various feature enhancements in Qualys Vulnerability Management and Qualys Policy Compliance. In addition, this release also lowers the time required before pausing or canceling an ongoing scan. Previously, scheduled scans could be cancelled or...