Ubuntu Local Security Checks : Ubuntu: Security Advisory (USN-5873-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.12.2023.5873.1

Categoría: Ubuntu Local Security Checks

Título: Ubuntu: Security Advisory (USN-5873-1)

Resumen: The remote host is missing an update for the 'golang-golang-x-text, golang-x-text' package(s) announced via the USN-5873-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'golang-golang-x-text, golang-x-text' package(s) announced via the USN-5873-1 advisory.

Vulnerability Insight:
It was discovered that Go Text incorrectly handled certain encodings. An
attacker could possibly use this issue to cause a denial of service. This
issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14040)

It was discovered that Go Text incorrectly handled certain BCP 47 language
tags. An attacker could possibly use this issue to cause a denial of service.
CVE-2020-28851, CVE-2020-28852 and CVE-2021-38561 affected only
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2020-28851, CVE-2020-28852, CVE-2021-38561, CVE-2022-32149)

Affected Software/OS:
'golang-golang-x-text, golang-x-text' package(s) on Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 22.10.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-14040
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/
https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
Common Vulnerability Exposure (CVE) ID: CVE-2020-28851
https://github.com/golang/go/issues/42535
Common Vulnerability Exposure (CVE) ID: CVE-2020-28852
https://security.netapp.com/advisory/ntap-20210212-0004/
https://github.com/golang/go/issues/42536
Common Vulnerability Exposure (CVE) ID: CVE-2021-38561
https://deps.dev/advisory/OSV/GO-2021-0113
https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
https://groups.google.com/g/golang-announce
https://pkg.go.dev/golang.org/x/text/language
Common Vulnerability Exposure (CVE) ID: CVE-2022-32149
https://go.dev/cl/442235
https://go.dev/issue/56152
https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ
https://pkg.go.dev/vuln/GO-2022-1059

Copyright Copyright (C) 2023 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.12.2023.5873.1
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu: Security Advisory (USN-5873-1)
Resumen:	The remote host is missing an update for the 'golang-golang-x-text, golang-x-text' package(s) announced via the USN-5873-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'golang-golang-x-text, golang-x-text' package(s) announced via the USN-5873-1 advisory. Vulnerability Insight: It was discovered that Go Text incorrectly handled certain encodings. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14040) It was discovered that Go Text incorrectly handled certain BCP 47 language tags. An attacker could possibly use this issue to cause a denial of service. CVE-2020-28851, CVE-2020-28852 and CVE-2021-38561 affected only Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-28851, CVE-2020-28852, CVE-2021-38561, CVE-2022-32149) Affected Software/OS: 'golang-golang-x-text, golang-x-text' package(s) on Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 22.10. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-14040 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/ https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0 Common Vulnerability Exposure (CVE) ID: CVE-2020-28851 https://github.com/golang/go/issues/42535 Common Vulnerability Exposure (CVE) ID: CVE-2020-28852 https://security.netapp.com/advisory/ntap-20210212-0004/ https://github.com/golang/go/issues/42536 Common Vulnerability Exposure (CVE) ID: CVE-2021-38561 https://deps.dev/advisory/OSV/GO-2021-0113 https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f https://groups.google.com/g/golang-announce https://pkg.go.dev/golang.org/x/text/language Common Vulnerability Exposure (CVE) ID: CVE-2022-32149 https://go.dev/cl/442235 https://go.dev/issue/56152 https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ https://pkg.go.dev/vuln/GO-2022-1059
Copyright	Copyright (C) 2023 Greenbone AG