Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

61 – 64 of 64 results


CVE-2022-29526

Medium priority

Some fixes available 6 of 19

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.

11 affected packages

golang, golang-1.10, golang-1.13, golang-1.14, golang-1.15...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang Not in release Not in release Not in release Not in release Not in release
golang-1.10 Not in release Not in release Not in release Needs evaluation Needs evaluation
golang-1.13 Not in release Not affected Not affected Not affected Not affected
golang-1.14 Not in release Not in release Needs evaluation Not in release Not in release
golang-1.15 Not in release Not in release Not in release
golang-1.16 Not in release Not in release Fixed Fixed Ignored
golang-1.17 Not in release Needs evaluation Not in release Not in release Ignored
golang-1.18 Not in release Fixed Fixed Fixed Fixed
golang-1.6 Not in release Not in release Not in release Not in release Needs evaluation
golang-1.8 Not in release Not in release Not in release Needs evaluation Not in release
golang-1.9 Not in release Not in release Not in release Needs evaluation Not in release
Show all 11 packages Show less packages

CVE-2022-28327

Medium priority

Some fixes available 4 of 6

The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.

2 affected packages

golang-1.17, golang-1.18

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-1.17 Not in release Needs evaluation Ignored
golang-1.18 Not in release Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-27536

Medium priority
Ignored

Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.

2 affected packages

golang-1.17, golang-1.18

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-1.17 Not affected Ignored
golang-1.18 Not affected Not affected Not affected Ignored
Show less packages

CVE-2022-24675

Medium priority

Some fixes available 4 of 6

encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.

2 affected packages

golang-1.17, golang-1.18

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-1.17 Not in release Needs evaluation Ignored
golang-1.18 Not in release Fixed Fixed Fixed Fixed
Show less packages