wid-sec-w-2023-3038
Vulnerability from csaf_certbund
Published
2023-11-30 23:00
Modified
2024-05-30 22:00
Summary
Golang Go: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Go ist eine quelloffene Programmiersprache.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux - MacOS X - Windows



{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Go ist eine quelloffene Programmiersprache.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- MacOS X\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-3038 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3038.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-3038 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3038"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1078 vom 2024-03-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:1078"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12190 vom 2024-03-04",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12190.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12191 vom 2024-03-04",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12191.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4708-1 vom 2023-12-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017307.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0530 vom 2024-01-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:0530"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-1903 vom 2024-01-09",
        "url": "https://alas.aws.amazon.com/ALAS-2024-1903.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1149 vom 2024-03-06",
        "url": "https://access.redhat.com/errata/RHSA-2024:1149"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASDOCKER-2024-039 vom 2024-03-06",
        "url": "https://alas.aws.amazon.com/AL2/ALASDOCKER-2024-039.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASNITRO-ENCLAVES-2024-039 vom 2024-03-06",
        "url": "https://alas.aws.amazon.com/AL2/ALASNITRO-ENCLAVES-2024-039.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1131 vom 2024-03-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:1131"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASECS-2024-035 vom 2024-03-06",
        "url": "https://alas.aws.amazon.com/AL2/ALASECS-2024-035.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7129944 vom 2024-03-06",
        "url": "https://www.ibm.com/support/pages/node/7129944"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-2388 vom 2024-01-10",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2388.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1244 vom 2024-03-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:1244"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7198 vom 2024-02-28",
        "url": "https://access.redhat.com/errata/RHSA-2023:7198"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0269 vom 2024-02-28",
        "url": "https://access.redhat.com/errata/RHSA-2024:0269"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7200 vom 2024-02-28",
        "url": "https://access.redhat.com/errata/RHSA-2023:7200"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6574-1 vom 2024-01-11",
        "url": "https://ubuntu.com/security/notices/USN-6574-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4709-1 vom 2023-12-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017389.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0843 vom 2024-02-15",
        "url": "https://access.redhat.com/errata/RHSA-2024:0843"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-193547DEF8 vom 2024-01-16",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-193547def8"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1041 vom 2024-02-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:1041"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4931-1 vom 2023-12-20",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017503.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:4930-1 vom 2023-12-20",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017504.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0281 vom 2024-03-06",
        "url": "https://access.redhat.com/errata/RHSA-2024:0281"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-EPEL-2024-9B53B79398 vom 2024-03-06",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-9b53b79398"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-2446 vom 2024-02-06",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2446.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0880 vom 2024-02-20",
        "url": "https://access.redhat.com/errata/RHSA-2024:0880"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0887 vom 2024-02-20",
        "url": "https://access.redhat.com/errata/RHSA-2024:0887"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-1149 vom 2024-03-07",
        "url": "https://linux.oracle.com/errata/ELSA-2024-1149.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-1131 vom 2024-03-07",
        "url": "http://linux.oracle.com/errata/ELSA-2024-1131.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0694 vom 2024-02-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:0694"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0695 vom 2024-02-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:0695"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0728 vom 2024-02-08",
        "url": "https://access.redhat.com/errata/RHSA-2024:0728"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0748 vom 2024-02-08",
        "url": "https://access.redhat.com/errata/RHSA-2024:0748"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0887 vom 2024-02-23",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0887.html"
      },
      {
        "category": "external",
        "summary": "Go 1.21.5 and Go 1.20.12 pre-announcement vom 2023-11-30",
        "url": "https://groups.google.com/g/golang-announce/c/TABUsV4-FiU"
      },
      {
        "category": "external",
        "summary": "Github Golang/Go vom 2023-11-30",
        "url": "https://github.com/golang/go/issues/64433"
      },
      {
        "category": "external",
        "summary": "Security fixes in Go 1.21.5 and Go 1.20.12 releases vom 2023-12-05",
        "url": "https://groups.google.com/g/golang-announce/c/iLGK3x6yuNo?pli=1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1433 vom 2024-03-20",
        "url": "https://access.redhat.com/errata/RHSA-2024:1433"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12225 vom 2024-03-19",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12225.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1434 vom 2024-03-20",
        "url": "https://access.redhat.com/errata/RHSA-2024:1434"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12226 vom 2024-03-20",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12226.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7145581 vom 2024-04-01",
        "url": "https://www.ibm.com/support/pages/node/7145581"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1640 vom 2024-04-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:1640"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12263 vom 2024-04-03",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12263.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12261 vom 2024-04-03",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12261.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12262 vom 2024-04-03",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12262.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12264 vom 2024-04-03",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12264.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1812 vom 2024-04-15",
        "url": "https://access.redhat.com/errata/RHSA-2024:1812"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1859 vom 2024-04-16",
        "url": "https://access.redhat.com/errata/RHSA-2024:1859"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12328 vom 2024-04-17",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12328.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-12329 vom 2024-04-17",
        "url": "https://linux.oracle.com/errata/ELSA-2024-12329.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1901 vom 2024-04-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:1901"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1896 vom 2024-04-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:1896"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-2084 vom 2024-04-30",
        "url": "https://linux.oracle.com/errata/ELSA-2024-2084.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2160 vom 2024-04-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:2160"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2193 vom 2024-04-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:2193"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-2543 vom 2024-05-15",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2543.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7154430 vom 2024-05-20",
        "url": "https://www.ibm.com/support/pages/node/7154430"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2988 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:2988"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-2988 vom 2024-05-28",
        "url": "https://linux.oracle.com/errata/ELSA-2024-2988.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3467 vom 2024-05-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:3467"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3479 vom 2024-05-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:3479"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2728 vom 2024-05-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:2728"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-2556 vom 2024-05-30",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2556.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Golang Go: Mehrere Schwachstellen erm\u00f6glichen nicht spezifizierten Angriff",
    "tracking": {
      "current_release_date": "2024-05-30T22:00:00.000+00:00",
      "generator": {
        "date": "2024-05-31T09:36:19.655+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2023-3038",
      "initial_release_date": "2023-11-30T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-11-30T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-12-05T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates aufgenommen, Beschreibung erg\u00e4nzt"
        },
        {
          "date": "2023-12-11T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2023-12-14T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2023-12-20T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-01-08T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2024-01-09T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2024-01-10T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-01-15T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2024-01-25T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-05T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2024-02-07T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-08T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-15T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-20T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-22T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-02-27T23:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-28T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-03-04T23:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
        },
        {
          "date": "2024-03-05T23:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Red Hat und Amazon aufgenommen"
        },
        {
          "date": "2024-03-06T23:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Red Hat und Fedora aufgenommen"
        },
        {
          "date": "2024-03-07T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-03-11T23:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-03-19T23:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
        },
        {
          "date": "2024-03-20T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-04-01T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
        },
        {
          "date": "2024-04-02T22:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
        },
        {
          "date": "2024-04-14T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-04-16T22:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-04-17T22:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-04-25T22:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-04-29T22:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-05-15T22:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2024-05-20T22:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-28T22:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-05-30T22:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "37"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.21.5",
                "product": {
                  "name": "Golang Go \u003c1.21.5",
                  "product_id": "T031433",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:golang:go:1.21.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c1.20.12",
                "product": {
                  "name": "Golang Go \u003c1.20.12",
                  "product_id": "T031434",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:golang:go:1.20.12"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Go"
          }
        ],
        "category": "vendor",
        "name": "Golang"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IBM App Connect Enterprise",
            "product": {
              "name": "IBM App Connect Enterprise",
              "product_id": "T032495",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:app_connect_enterprise:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "REST \u003c1.0.0.301-amd64",
                "product": {
                  "name": "IBM DB2 REST \u003c1.0.0.301-amd64",
                  "product_id": "T034919",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:db2:1.0.0.301-amd64::rest"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "DB2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c10.5.4",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.5.4",
                  "product_id": "T033810",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.5.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.5.0.10",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.5.0.10",
                  "product_id": "T033811",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.10"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.0.1.18",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.0.1.18",
                  "product_id": "T033812",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.0.1.18"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "DataPower Gateway"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "2.4",
                "product": {
                  "name": "Red Hat Ansible Automation Platform 2.4",
                  "product_id": "1496312",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Ansible Automation Platform"
          },
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Secondary Scheduler Operator",
                "product": {
                  "name": "Red Hat OpenShift Secondary Scheduler Operator",
                  "product_id": "T027759",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:::secondary_scheduler_operator"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Logging Subsystem \u003c5.8.3",
                "product": {
                  "name": "Red Hat OpenShift Logging Subsystem \u003c5.8.3",
                  "product_id": "T032604",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:logging_subsystem__5.8.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenShift"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-39326",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Golang Go, aufgrund unvollst\u00e4ndiger Eingabepr\u00fcfungen und weil git auf unsichere Protokolle zur\u00fcckfallen kann. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "67646",
          "T032604",
          "T033811",
          "T033812",
          "T004914",
          "74185",
          "T032495",
          "T002207",
          "T027759",
          "T000126",
          "398363",
          "1496312",
          "T034919"
        ]
      },
      "release_date": "2023-11-30T23:00:00Z",
      "title": "CVE-2023-39326"
    },
    {
      "cve": "CVE-2023-45283",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Golang Go, aufgrund unvollst\u00e4ndiger Eingabepr\u00fcfungen und weil git auf unsichere Protokolle zur\u00fcckfallen kann. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "67646",
          "T032604",
          "T033811",
          "T033812",
          "T004914",
          "74185",
          "T032495",
          "T002207",
          "T027759",
          "T000126",
          "398363",
          "1496312",
          "T034919"
        ]
      },
      "release_date": "2023-11-30T23:00:00Z",
      "title": "CVE-2023-45283"
    },
    {
      "cve": "CVE-2023-45285",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Golang Go, aufgrund unvollst\u00e4ndiger Eingabepr\u00fcfungen und weil git auf unsichere Protokolle zur\u00fcckfallen kann. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "67646",
          "T032604",
          "T033811",
          "T033812",
          "T004914",
          "74185",
          "T032495",
          "T002207",
          "T027759",
          "T000126",
          "398363",
          "1496312",
          "T034919"
        ]
      },
      "release_date": "2023-11-30T23:00:00Z",
      "title": "CVE-2023-45285"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.