SUSE CVE-2022-23773

🗓️ 15 Feb 2023 03:27:59Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 2 Views

Go before 1.16.14 and 1.17.x before 1.17.7 misclassify branches as tags, affecting branch versus tag access.

Reporter	Title	Published	Views	Family All 166
IBM Security Bulletins	Security Bulletin: Potential module resolution error in DataPower Operator	17 Jun 202221:14	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Data is vulnerable to a variety of issues due to 3rd party software	27 Sep 202417:52	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak	25 Aug 202202:03	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium Insights is affected by multiple vulnerabilities	8 Apr 202220:24	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Golang Go affect Cloud Pak System	21 Mar 202323:07	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Celery, Golang Go, and Python affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift	12 Mar 202203:21	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Linux Kernel, OpenSSL, Golang Go, and Zlib may affect IBM Spectrum Protect Plus	17 Sep 202206:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to incorrect access control in Golang Go (CVE-2022-23773)	12 Jan 202321:59	–	ibm
IBM Security Bulletins	Security Bulletin: Operations Dashboard is vulnerable to Go CVE-2022-23773	8 Apr 202214:47	–	ibm
IBM Security Bulletins	Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to attack under error due to Go CVE-2022-23773	5 May 202214:40	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
OpenSUSE Tumbleweed	–	any	go1.16	1.16.14-1.1	go1.16-1.16.14-1.1.noarch.rpm
OpenSUSE Leap	15.3	any	go1.16	1.16.14-1.43.1	go1.16-1.16.14-1.43.1.noarch.rpm
SUSE Linux Enterprise Real Time	15.2	any	go1.16	1.16.14-1.43.1	go1.16-1.16.14-1.43.1.noarch.rpm
SUSE Linux Enterprise Desktop	15.3	any	go1.16	1.16.14-1.43.1	go1.16-1.16.14-1.43.1.noarch.rpm
SUSE Linux Enterprise Server	15.2	any	go1.16	1.16.14-1.43.1	go1.16-1.16.14-1.43.1.noarch.rpm
SUSE Linux Enterprise Server	15.3	any	go1.16	1.16.14-1.43.1	go1.16-1.16.14-1.43.1.noarch.rpm
SUSE Linux Enterprise Server	15.4	any	go1.16	1.16.14-1.43.1	go1.16-1.16.14-1.43.1.noarch.rpm
SUSE Linux Enterprise Server	15.5	any	go1.16	1.16.14-1.43.1	go1.16-1.16.14-1.43.1.noarch.rpm
SUSE Linux Enterprise Server	15.6	any	go1.16	1.16.14-1.43.1	go1.16-1.16.14-1.43.1.noarch.rpm
SUSE Linux Enterprise Server	15.7	any	go1.16	1.16.14-1.43.1	go1.16-1.16.14-1.43.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2022-23773
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1195834
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-May/011007.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-July/011624.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-March/010376.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-March/010377.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-March/010351.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-March/010358.html
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/OPXUBD6DBIW4WEXMYCUH5OXEVJIKJHR4/

18 Aug 2025 01:33Current

8.6High risk

Vulners AI Score8.6

CVSS 3.15

EPSS0.02676

go versions branch tag confusion access control error security vulnerability