rpm package
suse/go1.15&distro=SUSE Linux Enterprise Module for Development Tools 15 SP1
pkg:rpm/suse/go1.15&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-28362 | — | < 1.15.5-1.11.1 | 1.15.5-1.11.1 | Nov 18, 2020 | Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. | ||
| CVE-2020-28367 | — | < 1.15.5-1.11.1 | 1.15.5-1.11.1 | Nov 18, 2020 | Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a #cgo directive. | ||
| CVE-2020-28366 | — | < 1.15.5-1.11.1 | 1.15.5-1.11.1 | Nov 18, 2020 | Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file. | ||
| CVE-2020-24553 | — | < 1.15.2-1.3.1 | 1.15.2-1.3.1 | Sep 2, 2020 | Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header. |
- CVE-2020-28362Nov 18, 2020affected < 1.15.5-1.11.1fixed 1.15.5-1.11.1
Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
- CVE-2020-28367Nov 18, 2020affected < 1.15.5-1.11.1fixed 1.15.5-1.11.1
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a #cgo directive.
- CVE-2020-28366Nov 18, 2020affected < 1.15.5-1.11.1fixed 1.15.5-1.11.1
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file.
- CVE-2020-24553Sep 2, 2020affected < 1.15.2-1.3.1fixed 1.15.2-1.3.1
Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.