Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-202408-07
HistoryAug 07, 2024 - 12:00 a.m.

Go: Multiple Vulnerabilities

2024-08-0700:00:00
Gentoo Foundation
security.gentoo.org
8
vulnerabilities
programming language
upgrade

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.2

Confidence

Low

JSON

Background

Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.

Description

Multiple vulnerabilities have been discovered in Go. Please review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All Go users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-lang/go-1.22.3"

Due to Go programs typically being statically compiled, Go users should also recompile the reverse dependencies of the Go language to ensure statically linked programs are remediated:

 # emerge --ask --oneshot --verbose @golang-rebuild
OSVersionArchitecturePackageVersionFilename
Gentooanyalldev-lang/go< 1.22.3UNKNOWN

Related

nessus 80
ibm 18
osv 11
rocky 4
redhat 19
openvas 35
oraclelinux 6
almalinux 6
freebsd 2
amazon 5
ubuntu 1
mageia 2
redos 2
altlinux 1
fedora 1
photon 5
f5 1
nessus
nessus
GLSA-202408-07 : Go: Multiple Vulnerabilities
2024-08-07 00:00:00
RHEL 8 : Release of openshift-serverless-clients kn 1.33.0 security update & s (Important) (RHSA-2024:4023)
2024-06-20 00:00:00
Rocky Linux 8 : go-toolset:rhel8 (RLSA-2024:3259)
2024-06-14 00:00:00
ibm
ibm
Security Bulletin: Operations Dashboard in IBM Cloud Pak for Integration is vulnerable to Go vulnerabilities CVE-2023-45290, CVE-2024-24783, CVE-2024-24785, CVE-2023-45289, CVE-2024-24784 & CVE-2024-24788
2024-07-24 11:02:46
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Go
2024-08-22 00:19:22
Security Bulletin: IBM Storage Protect Server is susceptible to numerous vulnerabilities due to Golang Go (CVE-2024-24785, CVE-2023-45289, CVE-2024-24783, CVE-2023-45290, CVE-2024-24784)
2024-07-01 05:56:51
osv
osv
Important: go-toolset:rhel8 security update
2024-05-22 00:00:00
Important: go-toolset:rhel8 security update
2024-06-14 13:59:30
Important: golang security update
2024-04-30 00:00:00
rocky
rocky
go-toolset:rhel8 security update
2024-06-14 13:59:30
golang security update
2024-05-10 14:32:42
git-lfs security update
2024-05-10 14:32:42
redhat
redhat
(RHSA-2024:4023) Important: Release of openshift-serverless-clients kn 1.33.0 security update & enhancements
2024-06-20 12:35:18
(RHSA-2024:3259) Important: go-toolset:rhel8 security update
2024-05-22 10:41:22
(RHSA-2024:2562) Important: golang security update
2024-04-30 11:38:52
openvas
openvas
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1835)
2024-06-25 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1814)
2024-06-25 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0811-1)
2024-03-11 00:00:00
oraclelinux
oraclelinux
go-toolset:ol8 security update
2024-05-29 00:00:00
golang security update
2024-05-07 00:00:00
git-lfs security update
2024-05-07 00:00:00
almalinux
almalinux
Important: go-toolset:rhel8 security update
2024-05-22 00:00:00
Important: golang security update
2024-04-30 00:00:00
Important: git-lfs security update
2024-05-23 00:00:00
freebsd
freebsd
go -- multiple vulnerabilities
2024-03-05 00:00:00
go -- multiple vulnerabilities
2023-04-27 00:00:00
amazon
amazon
Medium: golang
2024-05-23 22:04:00
Important: golang
2023-06-05 16:39:00
Medium: golist
2024-05-23 22:04:00
ubuntu
ubuntu
Go vulnerabilities
2024-07-09 00:00:00
mageia
mageia
Updated golang packages fix security vulnerability
2023-05-16 22:17:40
Updated golang packages fix security vulnerabilities
2023-12-18 01:40:49
redos
redos
ROS-20240402-17
2024-04-02 00:00:00
ROS-20240805-08
2024-08-05 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package golang version 1.19.9-alt1
2023-05-03 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: golang-1.21.6-1.fc39
2024-01-20 03:24:19
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0531
2023-12-22 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0387
2023-05-05 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0176
2023-12-21 00:00:00
f5
f5
K000138679 : GoLang vulnerabilities CVE-2023-24540, CVE-2023-29400, and CVE-2023-29403
2024-02-21 00:00:00

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.2

Confidence

Low

JSON
Related for GLSA-202408-07
nessus80ibm18osv11rocky4redhat19openvas35oraclelinux6almalinux6freebsd2amazon5ubuntu1mageia2redos2altlinux1fedora1photon5f51