Download
| Alert*
|
oval:org.secpod.oval:def:503516
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix: * golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling * golang: invalid public key causes panic in dsa.Verify For more details abou ... oval:org.secpod.oval:def:66518 Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix: * golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling * golang: invalid public key causes panic in dsa.Verify For more details abou ... oval:org.secpod.oval:def:117302 The Go Programming Language. oval:org.secpod.oval:def:604576 Daniel Mandragona discovered that invalid DSA public keys can cause a panic in dsa.Verify, resulting in denial of service. oval:org.secpod.oval:def:69771 Daniel Mandragona discovered that invalid DSA public keys can cause a panic in dsa.Verify, resulting in denial of service. oval:org.secpod.oval:def:2004943 Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates. oval:org.secpod.oval:def:1504396 go-toolset [1.12.12-1] - Update for golang package fixes [1.12.12-1] - Bump version to 1.12.12 golang [1.12.12-4.0.1] - from upstream https://github.com/golang/go/issues/2775 - move arbitrary value 10% to 15% for GC tests, hits 10.48% on our - infrastructure - Resolves failing post build tests [Orab ... oval:org.secpod.oval:def:1702268 Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates oval:org.secpod.oval:def:1601904 Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates |
