Download
| Alert*
|
oval:org.secpod.oval:def:1600802
Arbitrary code execution during go get or go get -d:Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git r ... oval:org.secpod.oval:def:1800887 CVE-2017-15042: smtp.PlainAuth susceptible to man-in-the-middle password harvesting; It was found that smtp.PlainAuth scheme was vulnerable to man-in-the-middle attack. smtp.PlainAuth implementation would send the username and password to man-in-the-middle SMTP server that doesnt advertise STARTTLS ... oval:org.secpod.oval:def:204795 The golang packages provide the Go programming language compiler. The following packages have been upgraded to a later upstream version: golang . Security Fix: * golang: arbitrary code execution during "go get" or "go get -d" * golang: smtp.PlainAuth susceptible to man-in-the-m ... oval:org.secpod.oval:def:113326 The Go Programming Language. oval:org.secpod.oval:def:113332 The Go Programming Language. oval:org.secpod.oval:def:113680 The Go Programming Language. oval:org.secpod.oval:def:1700038 Arbitrary code execution during go get or go get -dGo before 1.8.4 and 1.9.x before 1.9.1 allows quot;go getquot; remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repo ... oval:org.secpod.oval:def:2105901 Oracle Solaris 11 - ( CVE-2017-15041 ) |
