Search CVE reports

Toggle filters

61 – 64 of 64 results

CVE-2022-29526

Medium priority

Some fixes available 6 of 19

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.

11 affected packages

golang, golang-1.10, golang-1.13, golang-1.14, golang-1.15...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang Not in release Not in release Not in release Not in release
golang-1.10 Not in release Not in release Not in release Needs evaluation
golang-1.13 Not in release Not affected Not affected Not affected
golang-1.14 Not in release Not in release Needs evaluation Not in release
golang-1.15 Not in release Not in release
golang-1.16 Not in release Not in release Fixed Fixed
golang-1.17 Not in release Needs evaluation Not in release Not in release
golang-1.18 Not in release Fixed Fixed Fixed
golang-1.6 Not in release Not in release Not in release Not in release
golang-1.8 Not in release Not in release Not in release Needs evaluation
golang-1.9 Not in release Not in release Not in release Needs evaluation
Show all 11 packages Show less packages

CVE-2022-28327

Medium priority

Some fixes available 4 of 6

The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.

2 affected packages

golang-1.17, golang-1.18

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-1.17 Not in release Needs evaluation
golang-1.18 Not in release Fixed Fixed Fixed
Show less packages

CVE-2022-27536

Medium priority
Ignored

Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.

2 affected packages

golang-1.17, golang-1.18

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-1.17 Not affected
golang-1.18 Not affected Not affected Not affected
Show less packages

CVE-2022-24675

Medium priority

Some fixes available 4 of 6

encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.

2 affected packages

golang-1.17, golang-1.18

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang-1.17 Not in release Needs evaluation
golang-1.18 Not in release Fixed Fixed Fixed
Show less packages
  1. Previous page
  2. 3
  3. 4
  4. 5
  5. 6
  6. 7
  7. Next page
Export to JSON