Golang Go crypto是Golang社区的一款基于 Go 语言的加密代码库。
Golang Go x/text package 0.3.3之前版本存在安全漏洞。攻击者可利用该漏洞导致UTF-16解码器进入无限循环,进而导致程序崩溃或内存不足。
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:
https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
来源:MISC
链接:https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
来源:FEDORA
链接:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/158798/Red-Hat-Security-Advisory-2020-3372-01.html
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160125/Red-Hat-Security-Advisory-2020-5149-01.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4171/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1225
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/162696/Red-Hat-Security-Advisory-2021-2039-01.html
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerabilty-has-been-found-in-x-test-pacakge-before-0-3-3-for-go-that-could-lead-to-an-infinite-loop-affecting-ibm-cloud-pak-for-applications/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1406
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.2714/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160580/Red-Hat-Security-Advisory-2020-5606-01.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4513/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159515/Red-Hat-Security-Advisory-2020-4214-01.html
来源:www.cybersecurity-help.cz
链接:https://www.cybersecurity-help.cz/vdb/SB2021050603
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3488/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3890/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1193
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/163798/Red-Hat-Security-Advisory-2021-3140-01.html
来源:vigilance.fr
链接:https://vigilance.fr/vulnerability/Go-overload-via-UTF-BOM-33267
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3700/
来源:nvd.nist.gov
链接:https://nvd.nist.gov/vuln/detail/CVE-2020-14040
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/162151/Red-Hat-Security-Advisory-2021-1168-01.html
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/158512/Red-Hat-Security-Advisory-2020-3087-01.html
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159880/Red-Hat-Security-Advisory-2020-4694-01.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0864
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159095/Red-Hat-Security-Advisory-2020-3578-01.html
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159999/Red-Hat-Security-Advisory-2020-5055-01.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4100/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.1759
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159187/Red-Hat-Security-Advisory-2020-3727-01.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4461/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.0691
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/162337/Red-Hat-Security-Advisory-2021-1369-01.html
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/161286/Red-Hat-Security-Advisory-2021-0420-01.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.2517/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2021.2731
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3081/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/159725/Red-Hat-Security-Advisory-2020-4297-01.html
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerabilty-in-encoding-unicode-in-the-utf-16-decoder-has-been-found-in-x-text-package-before-v0-3-3-for-go-that-could-lead-to-an-infinite-loop-and-denial-of-service-affecting/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160197/Red-Hat-Security-Advisory-2020-5198-01.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3174/
来源:www.nsfocus.net
链接:http://www.nsfocus.net/vulndb/48793
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/162130/Red-Hat-Security-Advisory-2021-1129-01.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3223.2/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3994/
