Astra Linux - уязвимость в golang-1.19, golang-1.23

Canceling a query for example, by canceling the context passed to one of the query methods during a call to the Scan method of the returned Rows can lead to unexpected results if other queries are being executed in parallel. This can cause a race condition, which may overwrite the expected result...

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

Security Bulletin: A vulnerability in grpc affects IBM Robotic Process Automation and may result in unexpected results (CVE-2025-47907).

Summary A vulnerability in grpc affects IBM Robotic Process Automation and may result in unexpected results CVE-2025-47907. grpc is used by IBM Robotic Process Automation as part of Watson NLP. This bulletin identifies the fixes required to address this vulnerability. Vulnerability Details...

MiracleLinux 9 : podman-5.6.0-6.el9_7 (AXSA:2025-11464:11)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11464:11 advisory. database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has...

EulerOS 2.0 SP11 : golang (EulerOS-SA-2025-2481)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.CVE-2025-4673 If...

EulerOS 2.0 SP11 : golang (EulerOS-SA-2025-2462)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.CVE-2025-4673 If...

EulerOS 2.0 SP13 : golang (EulerOS-SA-2025-2521)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a...

AlmaLinux 9 : podman (ALSA-2025:20909)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20909 advisory. database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted t...

Moderate: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

RHEL 8 : go-toolset:rhel8 (RHSA-2025:21384)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21384 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: database/sql: Postgres Sca...

RHEL 8 : go-toolset:rhel8 (RHSA-2025:21385)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21385 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: database/sql: Postgres Sca...

Moderate: Red Hat Security Advisory: Release of containers for RHOSO 18.0.14

Red Hat OpenStack Services on OpenShift RHOSO 18.0.14 containers are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

EulerOS 2.0 SP12 : golang (EulerOS-SA-2025-2327)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can...

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

RHEL 9 : podman (RHSA-2025:20909)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:20909 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use...

ALSA-2025:20983 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play comman...

OESA-2025-2233 skopeo security update

A command line utility that performs various operations on container images and image repositories Security Fixes: A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing...

Important: golang

Issue Overview: os/exec: LookPath may return unexpected paths. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

OESA-2025-2183 golang security update

. Security Fixes: A vulnerability was found in Google Go up to 1.23.11/1.24.5 Programming Language Software. It has been declared as problematic.The manipulation of the argument PATH with an unknown input leads to a unknown weakness.As an impact it is known to affect integrity.Upgrading to versio...