 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2023.0145 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2023-0145) |
| Zusammenfassung: | The remote host is missing an update for the 'golang' package(s) announced via the MGASA-2023-0145 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'golang' package(s) announced via the MGASA-2023-0145 advisory. Vulnerability Insight: DOS due to incorrect HTTP and MIME header parsing (CVE-2023-24534) DOS due to incorrect Multipart form parsing (CVE-2023-24536) Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow. (CVE-2023-24537) Arbitrary Javascript code execution due to failure to escape back ticks (CVE-2023-24538) Affected Software/OS: 'golang' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2023-24534 https://security.gentoo.org/glsa/202311-09 https://go.dev/cl/481994 https://go.dev/issue/58975 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://pkg.go.dev/vuln/GO-2023-1704 https://security.netapp.com/advisory/ntap-20230526-0007/ Common Vulnerability Exposure (CVE) ID: CVE-2023-24536 https://go.dev/cl/482075 https://go.dev/cl/482076 https://go.dev/cl/482077 https://go.dev/issue/59153 https://pkg.go.dev/vuln/GO-2023-1705 Common Vulnerability Exposure (CVE) ID: CVE-2023-24537 https://go.dev/cl/482078 https://go.dev/issue/59180 https://pkg.go.dev/vuln/GO-2023-1702 Common Vulnerability Exposure (CVE) ID: CVE-2023-24538 https://go.dev/cl/482079 https://go.dev/issue/59234 https://pkg.go.dev/vuln/GO-2023-1703 |
| Copyright | Copyright (C) 2023 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |