8 matches found
Amazon Linux 2 : golang, --advisory ALAS2-2026-3259 (ALAS-2026-3259)
The version of golang installed on the remote host is prior to 1.25.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3259 advisory. SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at...
SUSE-SU-2026:21355-1 Security update for go1.25
This update for go1.25 fixes the following issues: - Update to version go1.25.9 bsc1244485. - CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG bsc1261653. - CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination bsc1261654. - CVE-2026-27144:...
Security update for go1.25
This update for go1.25 fixes the following issues: Update to go1.25.9 bsc1244485. CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG bsc1261653. CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination bsc1261654. CVE-2026-27144: cmd/compile: no-op...
CVE-2025-68243
The CVE affects the Linux kernel NFS client TLS/X.509 handling in nfs_match_client(). When RPC_XPRTSEC_TLS_X509 is used, the cert_serial and privkey_serial fields must match to validate the client identity; otherwise, there can be unintended session reuse. The issue has been resolved in the Linux...
Linux Distros Unpatched Vulnerability : CVE-2022-3996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some...
Security update for go1.24-openssl
This update for go1.24-openssl fixes the following issues: Update to version 1.24.4 bsc1236217: CVE-2025-22874 crypto/x509: ExtKeyUsageAny bypasses policy validation bsc1244158. CVE-2025-0913 os: inconsistent handling of OCREATE|OEXCL on Unix and Windows bsc1244157. CVE-2025-4673 net/http:...
RHEL 9 : openssl (RHSA-2023:3722)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3722 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
Moderate: openssl security and bug fix update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Possible DoS translating ASN.1 object identifiers CVE-2023-2650 openssl: Denial of service by...