A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean function could transform an invalid path such as "a/../c:/b" into the valid path "c:\b". This transformation of a relative (if invalid) path into an absolute path could enable a directory traversal attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid) path ".\c:\b".

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean     function could transform an invalid path such as a/../c:/b into the valid path c:\b. This     transformation of a relative (if invalid) path into an absolute path could enable a directory traversal     attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid)     path .\c:\b. (CVE-2022-41722)

Note that Nessus relies on the presence of the package as reported by the vendor.

The version of golang / msft-golang installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41722 advisory.

  - A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean     function could transform an invalid path such as a/../c:/b into the valid path c:\b. This     transformation of a relative (if invalid) path into an absolute path could enable a directory traversal     attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid)     path .\c:\b. (CVE-2022-41722)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of golang / msft-golang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41722 advisory.

  - A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean     function could transform an invalid path such as a/../c:/b into the valid path c:\b. This     transformation of a relative (if invalid) path into an absolute path could enable a directory traversal     attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid)     path .\c:\b. (CVE-2022-41722)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

An update of the go package has been released.

An update of the falco package has been released.

An update of the kubernetes package has been released.

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0808 advisory.

  - The go command may execute arbitrary code at build time when using cgo. This may occur when running go     get on a malicious module, or when running any other command which builds untrusted code. This is can by     triggered by linker flags, specified via a #cgo LDFLAGS directive. Flags containing embedded spaces are     mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in     the argument of another flag. This only affects usage of the gccgo compiler. (CVE-2023-29405)

  - When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by     finalizing the operation with a rename from a temporary name to the final target file name.In that rename     operation, it might accidentally *widen* the permissions for the target file, leaving the updated file     accessible to more users than intended. (CVE-2022-32207)

  - decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS. (CVE-2022-38900)

  - The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.
    (CVE-2022-33987)

  - Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the     name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3. (CVE-2022-37601)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3366 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.2. See the following     advisory for the container images for this release:

    https://access.redhat.com/errata/RHSA-2023:3367

    Security Fix(es):

    * golang: html/template: improper handling of JavaScript whitespace (CVE-2023-24540)

    * golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)

    * golang: path/filepath: path-filepath filepath.Clean path traversal (CVE-2022-41722)

    * golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images     when they are available in the appropriate release channel. To check for available updates, use the     OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at     https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1325 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.0. See the following     advisory for the container images for this release:

    https://access.redhat.com/errata/RHSA-2023:1326

    Security Fix(es):

    * python-werkzeug: high resource usage when parsing multipart form data with many fields (CVE-2023-25577)

    * golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)

    * net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)

    * golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)

    * golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)

    * haproxy: segfault DoS (CVE-2023-0056)

    * openshift/apiserver-library-go: Bypass of SCC seccomp profile restrictions (CVE-2023-0229)

    * podman: symlink exchange attack in podman export volume (CVE-2023-0778)

    * haproxy: request smuggling attack in HTTP/1 header parsing (CVE-2023-25725)

    * buildah: possible information disclosure and modification (CVE-2022-2990)

    * OpenShift: Missing HTTP Strict Transport Security (CVE-2022-3259)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images     when they are available in the appropriate release channel. To check for available updates, use the     OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at     https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1325 advisory.

  - The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to     crash a server in certain circumstances involving AddHostKey. (CVE-2022-27191)

  - An incorrect handling of the supplementary groups in the Buildah container engine might lead to the     sensitive information disclosure or possible data modification if an attacker has direct access to the     affected container where supplementary groups are used to set access permissions and is able to execute a     binary code in that container. (CVE-2022-2990)

  - Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM)     attacks. (CVE-2022-3259)

  - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server     connections contain a cache of HTTP header keys sent by the client. While the total number of entries in     this cache is capped, an attacker sending very large keys can cause the server to allocate approximately     64 MiB per open connection. (CVE-2022-41717)

  - A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean     function could transform an invalid path such as a/../c:/b into the valid path c:\b. This     transformation of a relative (if invalid) path into an absolute path could enable a directory traversal     attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid)     path .\c:\b. (CVE-2022-41722)

  - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient     to cause a denial of service from a small number of small requests. (CVE-2022-41723)

  - Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS     handshake records which cause servers and clients, respectively, to panic when attempting to construct     responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption     (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client     certificates (by setting Config.ClientAuth >= RequestClientCert). (CVE-2022-41724)

  - A denial of service is possible from excessive resource consumption in net/http and mime/multipart.
    Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory     and disk files. This also affects form parsing in the net/http package with the Request methods FormFile,     FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented     as storing up to maxMemory bytes +10MB (reserved for non-file parts) in memory. File parts which cannot     be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file     parts is excessively large and can potentially open a denial of service vector on its own. However,     ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead,     part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In     addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small     request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts     for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory     bytes of memory consumption. Users should still be aware that this limit is high and may still be     hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form     parts into a single temporary file. The mime/multipart.File interface type's documentation states, If     stored on disk, the File's underlying concrete type will be an *os.File.. This is no longer the case when     a form contains more than one file part, due to this coalescing of parts into a single file. The previous     behavior of using distinct files for each form part may be reenabled with the environment variable     GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request     methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the     size of form data with http.MaxBytesReader. (CVE-2022-41725)

  - An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the     service. This issue could allow an authenticated remote attacker to run a specially crafted malicious     server in an OpenShift cluster. The biggest impact is to availability. (CVE-2023-0056)

  - A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that     contains an issue that can allow low-privileged users to set the seccomp profile for pods they control to     unconfined. By default, the seccomp profile used in the restricted-v2 Security Context Constraint (SCC)     is runtime/default, allowing users to disable seccomp for pods they can create and modify.
    (CVE-2023-0229)

  - A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to     replace a normal file in a volume with a symlink while exporting the volume, allowing for access to     arbitrary files on the host file system. (CVE-2023-0778)

  - Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart     form data parser will parse an unlimited number of parts, including file parts. Parts can be a small     amount of bytes, but each requires CPU time to parse and may use more memory as Python data. If a request     can be made to an endpoint that accesses `request.data`, `request.form`, `request.files`, or     `request.get_data(parse_form_data=False)`, it can cause unexpectedly high resource usage. This allows an     attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it.
    The amount of CPU time required can block worker processes from handling legitimate requests. The amount     of RAM required can trigger an out of memory kill of the process. Unlimited file parts can use up memory     and file handles. If many concurrent requests are sent continuously, this can exhaust or kill all     available workers. Version 2.2.3 contains a patch for this issue. (CVE-2023-25577)

  - HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in     some situations, aka request smuggling. The HTTP header parsers in HAProxy may accept empty header field     names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after     being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because     the headers disappear before being parsed and processed, as if they had not been sent by the client. The     fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31. (CVE-2023-25725)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3366 advisory.

  - The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to     crash a server in certain circumstances involving AddHostKey. (CVE-2022-27191)

  - A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean     function could transform an invalid path such as a/../c:/b into the valid path c:\b. This     transformation of a relative (if invalid) path into an absolute path could enable a directory traversal     attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid)     path .\c:\b. (CVE-2022-41722)

  - Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS     handshake records which cause servers and clients, respectively, to panic when attempting to construct     responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption     (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client     certificates (by setting Config.ClientAuth >= RequestClientCert). (CVE-2022-41724)

  - Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing     whitespace characters outside of the character set \t\n\f\r\u0020\u2028\u2029 in JavaScript contexts     that also contain actions may not be properly sanitized during execution. (CVE-2023-24540)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of golang installed on the remote host is prior to 1.20.8-1.47. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1848 advisory.

    2024-01-03: CVE-2023-24537 was added to this advisory.

    2024-01-03: CVE-2023-29400 was added to this advisory.

    2024-01-03: CVE-2023-24538 was added to this advisory.

    2024-01-03: CVE-2022-41722 was added to this advisory.

    2024-01-03: CVE-2022-41717 was added to this advisory.

    2024-01-03: CVE-2023-24540 was added to this advisory.

    2024-01-03: CVE-2022-41724 was added to this advisory.

    2024-01-03: CVE-2023-24532 was added to this advisory.

    2024-01-03: CVE-2023-39319 was added to this advisory.

    2024-01-03: CVE-2022-41725 was added to this advisory.

    2024-01-03: CVE-2023-29404 was added to this advisory.

    2024-01-03: CVE-2023-29405 was added to this advisory.

    An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server     connections contain a cache of HTTP header keys sent by the client. While the total number of entries in     this cache is capped, an attacker sending very large keys can cause the server to allocate approximately     64 MiB per open connection. (CVE-2022-41717)

    The Go project has described this issue as follows:

    On Windows, the filepath.Clean function could transform an invalid path such as a/../c:/b into the valid     path c:\b. This transformation of a relative (if invalid) path into an absolute path could enable a     directory traversal attack. The filepath.Clean function will now transform this path into the relative     (but still invalid) path .\c:\b. (CVE-2022-41722)

    Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS     handshake records which cause servers and clients, respectively, to panic when attempting to construct     responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption     (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client     certificates (by setting Config.ClientAuth >= RequestClientCert). (CVE-2022-41724)

    Golang: net/http, mime/multipart: denial of service from excessive resource consumption     (https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E) (CVE-2022-41725)

    The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with     some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages     of crypto/ecdsa or crypto/ecdh. (CVE-2023-24532)

    Calling any of the Parse functions on Go source code which contains //line directives with very large line     numbers can cause an infinite loop due to integer overflow. (CVE-2023-24537)

    Templates did not properly consider backticks (`) as Javascript string delimiters, and as such didnot     escape them as expected. Backticks are used, since ES6, for JS template literals. If a templatecontained a     Go template action within a Javascript template literal, the contents of the action couldbe used to     terminate the literal, injecting arbitrary Javascript code into the Go template. (CVE-2023-24538)

    html/template: improper handling of JavaScript whitespace.

    Not all valid JavaScript whitespace characters were considered to be whitespace. Templates containing     whitespace characters outside of the character set \t\n\f\r\u0020\u2028\u2029 in JavaScript contexts     that also contain actions may not be properly sanitized during execution. (CVE-2023-24540)

    html/template: improper handling of empty HTML attributes.

    Templates containing actions in unquoted HTML attributes (e.g. attr={{.}}) executed with empty input     could result in output that would have unexpected results when parsed due to HTML normalization rules.
    This may allow injection of arbitrary attributes into tags. (CVE-2023-29400)

    On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid     bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of     standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors     closed, opening any files can result in unexpected content being read or written with elevated privileges.
    Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents     of its registers. (CVE-2023-29403)

    The go command may execute arbitrary code at build time when using cgo. This may occur when running go     get on a malicious module, or when running any other command which builds untrusted code. This is can by     triggered by linker flags, specified via a #cgo LDFLAGS directive. The arguments for a number of flags     which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled     through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers. (CVE-2023-29404)

    The go command may execute arbitrary code at build time when using cgo. This may occur when running go     get on a malicious module, or when running any other command which builds untrusted code. This is can by     triggered by linker flags, specified via a #cgo LDFLAGS directive. Flags containing embedded spaces are     mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in     the argument of another flag. This only affects usage of the gccgo compiler. (CVE-2023-29405)

    The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host     header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send     requests containing an invalid Request.Host or Request.URL.Host value. (CVE-2023-29406)

    Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time     verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <=     8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in     circulation with keys larger than this, and all three appear to be test certificates that are not actively     deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so     causing breakage here in the interests of increasing the default safety of users of crypto/tls seems     reasonable. (CVE-2023-29409)

    The html/template package does not apply the proper rules for handling occurrences of <script, <!--,     and </script within JS literals in <script> contexts. This may cause the template parser to improperly     consider script contexts to be terminated early, causing actions to be improperly escaped. This could be     leveraged to perform an XSS attack. (CVE-2023-39319)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of golang installed on the remote host is prior to 1.19.6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2GOLANG1.19-2023-002 advisory.

    An out of bounds read vulnerability was found in debug/macho of the Go standard library. When using the     debug/macho standard library (stdlib) and malformed binaries are parsed using Open or OpenFat, it can     cause golang to attempt to read outside of a slice (array) causing a panic when calling ImportedSymbols.
    An attacker can use this vulnerability to craft a file which causes an application using this library to     crash resulting in a denial of service. (CVE-2021-41771)

    There's a flaw in golang's syscall.ForkExec() interface. An attacker who manages to first cause a file     descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could     compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with     and using syscall.ForkExec(). (CVE-2021-44717)

    A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating     chunked encoding. This issue could allow request smuggling, but only if combined with an intermediate     server that also improperly accepts the header as invalid. (CVE-2022-1705)

    A flaw was found in the golang standard library, go/parser. When calling any Parse functions on the Go     source code, which contains deeply nested types or declarations, a panic can occur due to stack     exhaustion. This issue allows an attacker to impact system availability. (CVE-2022-1962)

    Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to     Uncontrolled Memory Consumption. (CVE-2022-23772)

    cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to     be version tags. This can lead to incorrect access control if an actor is supposed to be able to create     branches but not tags. (CVE-2022-23773)

    A flaw was found in the elliptic package of the crypto library in golang when the IsOnCurve function could     return true for invalid field elements. This flaw allows an attacker to take advantage of this undefined     behavior, affecting the availability and integrity of the resource. (CVE-2022-23806)

    A buffer overflow flaw was found in Golang's library encoding/pem. This flaw allows an attacker to use a     large PEM input (more than 5 MB) ), causing a stack overflow in Decode, which leads to a loss of     availability. (CVE-2022-24675)

    In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because     an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)

    An integer overflow flaw was found in Golang's crypto/elliptic library. This flaw allows an attacker to     use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to     panic, leading to a loss of availability. (CVE-2022-28327)

    Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could     cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.
    After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)

    Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including     unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy     forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in     the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director     function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse     query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)

    Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in     the working directory named either ..com or ..exe by calling Cmd.Run, Cmd.Start, Cmd.Output, or     Cmd.CombinedOutput when Cmd.Path is unset. (CVE-2022-30580)

    A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can     cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability.
    (CVE-2022-30632)

    Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause     an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (CVE-2022-30634)

    A flaw was found in golang. When calling Decoder.Decode on a message that contains deeply nested     structures, a panic can occur due to stack exhaustion and allows an attacker to impact system     availability. (CVE-2022-30635)

    Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion     or denial of service. The parsed regexp representation is linear in the size of the input, but in some     cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger     amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular     expressions whose representation would use more space than that are rejected. Normal use of regular     expressions is unaffected. (CVE-2022-41715)

    An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server     connections contain a cache of HTTP header keys sent by the client. While the total number of entries in     this cache is capped, an attacker sending very large keys can cause the server to allocate approximately     64 MiB per open connection. (CVE-2022-41717)

    The Go project has described this issue as follows:

    On Windows, the filepath.Clean function could transform an invalid path such as a/../c:/b into the valid     path c:\b. This transformation of a relative (if invalid) path into an absolute path could enable a     directory traversal attack. The filepath.Clean function will now transform this path into the relative     (but still invalid) path .\c:\b. (CVE-2022-41722)

    http2/hpack: avoid quadratic complexity in hpack decoding (CVE-2022-41723)

    Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS     handshake records which cause servers and clients, respectively, to panic when attempting to construct     responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption     (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client     certificates (by setting Config.ClientAuth >= RequestClientCert). (CVE-2022-41724)

    Golang: net/http, mime/multipart: denial of service from excessive resource consumption     (https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E) (CVE-2022-41725)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-175 advisory.

    Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to     Uncontrolled Memory Consumption. (CVE-2022-23772)

    cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to     be version tags. This can lead to incorrect access control if an actor is supposed to be able to create     branches but not tags. (CVE-2022-23773)

    A flaw was found in the elliptic package of the crypto library in golang when the IsOnCurve function could     return true for invalid field elements. This flaw allows an attacker to take advantage of this undefined     behavior, affecting the availability and integrity of the resource. (CVE-2022-23806)

    Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including     unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy     forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in     the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director     function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse     query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)

    Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in     the working directory named either ..com or ..exe by calling Cmd.Run, Cmd.Start, Cmd.Output, or     Cmd.CombinedOutput when Cmd.Path is unset. (CVE-2022-30580)

    Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause     an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (CVE-2022-30634)

    An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server     connections contain a cache of HTTP header keys sent by the client. While the total number of entries in     this cache is capped, an attacker sending very large keys can cause the server to allocate approximately     64 MiB per open connection. (CVE-2022-41717)

    The Go project has described this issue as follows:

    On Windows, the filepath.Clean function could transform an invalid path such as a/../c:/b into the valid     path c:\b. This transformation of a relative (if invalid) path into an absolute path could enable a     directory traversal attack. The filepath.Clean function will now transform this path into the relative     (but still invalid) path .\c:\b. (CVE-2022-41722)

    RESERVEDNOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E (CVE-2022-41724)

    Golang: net/http, mime/multipart: denial of service from excessive resource consumption     (https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E) (CVE-2022-41725)

    The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with     some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages     of crypto/ecdsa or crypto/ecdh. (CVE-2023-24532)

    HTTP and MIME header parsing could allocate large amounts of memory, even when parsing small inputs.

    Certain unusual patterns of input data could cause the common function used to parse HTTP and MIME headers     to allocate substantially more memory than required to hold the parsed headers. An attacker can exploit     this behavior to cause an HTTP server to allocate large amounts of memory from a small request,     potentially leading to memory exhaustion and a denial of service. (CVE-2023-24534)

    Multipart form parsing can consume large amounts of CPU and memory when processing form inputs containing     very large numbers of parts. This stems from several causes: 1. mime/multipart.Reader.ReadForm limits the     total memory a parsed multipart form can consume. ReadForm can undercount the amount of memory consumed,     leading it to accept larger inputs than intended. 2. Limiting total memory does not account for increased     pressure on the garbage collector from large numbers of small allocations in forms with many parts. 3.
    ReadForm can allocate a large number of short-lived buffers, further increasing pressure on the garbage     collector. The combination of these factors can permit an attacker to cause an program that parses     multipart forms to consume large amounts of CPU and memory, potentially resulting in a denial of service.
    This affects programs that use mime/multipart.Reader.ReadForm, as well as form parsing in the net/http     package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. With fix,     ReadForm now does a better job of estimating the memory consumption of parsed forms, and performs many     fewer short-lived allocations. In addition, the fixed mime/multipart.Reader imposes the following limits     on the size of parsed forms: 1. Forms parsed with ReadForm may contain no more than 1000 parts. This limit     may be adjusted with the environment variable GODEBUG=multipartmaxparts=. 2. Form parts parsed with     NextPart and NextRawPart may contain no more than 10,000 header fields. In addition, forms parsed with     ReadForm may contain no more than 10,000 header fields across all parts. This limit may be adjusted with     the environment variable GODEBUG=multipartmaxheaders=. (CVE-2023-24536)

    Calling any of the Parse functions on Go source code which contains //line directives with very large line     numbers can cause an infinite loop due to integer overflow. (CVE-2023-24537)

    Templates did not properly consider backticks (`) as Javascript string delimiters, and as such didnot     escape them as expected. Backticks are used, since ES6, for JS template literals. If a templatecontained a     Go template action within a Javascript template literal, the contents of the action couldbe used to     terminate the literal, injecting arbitrary Javascript code into the Go template. (CVE-2023-24538)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of golang installed on the remote host is prior to 1.18.6-1.43. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1731 advisory.

    Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in     the working directory named either ..com or ..exe by calling Cmd.Run, Cmd.Start, Cmd.Output, or     Cmd.CombinedOutput when Cmd.Path is unset. (CVE-2022-30580)

    Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause     an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (CVE-2022-30634)

    An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can     cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to     create a denial of service, impacting availability. (CVE-2022-32189)

    An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server     connections contain a cache of HTTP header keys sent by the client. While the total number of entries in     this cache is capped, an attacker sending very large keys can cause the server to allocate approximately     64 MiB per open connection. (CVE-2022-41717)

    The Go project has described this issue as follows:

    On Windows, the filepath.Clean function could transform an invalid path such as a/../c:/b into the valid     path c:\b. This transformation of a relative (if invalid) path into an absolute path could enable a     directory traversal attack. The filepath.Clean function will now transform this path into the relative     (but still invalid) path .\c:\b. (CVE-2022-41722)

    http2/hpack: avoid quadratic complexity in hpack decoding (CVE-2022-41723)

    RESERVEDNOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E (CVE-2022-41724)

    Golang: net/http, mime/multipart: denial of service from excessive resource consumption     (https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E) (CVE-2022-41725)

    The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with     some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages     of crypto/ecdsa or crypto/ecdh. (CVE-2023-24532)

    HTTP and MIME header parsing could allocate large amounts of memory, even when parsing small inputs.

    Certain unusual patterns of input data could cause the common function used to parse HTTP and MIME headers     to allocate substantially more memory than required to hold the parsed headers. An attacker can exploit     this behavior to cause an HTTP server to allocate large amounts of memory from a small request,     potentially leading to memory exhaustion and a denial of service. (CVE-2023-24534)

    Multipart form parsing can consume large amounts of CPU and memory when processing form inputs containing     very large numbers of parts. This stems from several causes: 1. mime/multipart.Reader.ReadForm limits the     total memory a parsed multipart form can consume. ReadForm can undercount the amount of memory consumed,     leading it to accept larger inputs than intended. 2. Limiting total memory does not account for increased     pressure on the garbage collector from large numbers of small allocations in forms with many parts. 3.
    ReadForm can allocate a large number of short-lived buffers, further increasing pressure on the garbage     collector. The combination of these factors can permit an attacker to cause an program that parses     multipart forms to consume large amounts of CPU and memory, potentially resulting in a denial of service.
    This affects programs that use mime/multipart.Reader.ReadForm, as well as form parsing in the net/http     package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. With fix,     ReadForm now does a better job of estimating the memory consumption of parsed forms, and performs many     fewer short-lived allocations. In addition, the fixed mime/multipart.Reader imposes the following limits     on the size of parsed forms: 1. Forms parsed with ReadForm may contain no more than 1000 parts. This limit     may be adjusted with the environment variable GODEBUG=multipartmaxparts=. 2. Form parts parsed with     NextPart and NextRawPart may contain no more than 10,000 header fields. In addition, forms parsed with     ReadForm may contain no more than 10,000 header fields across all parts. This limit may be adjusted with     the environment variable GODEBUG=multipartmaxheaders=. (CVE-2023-24536)

    Calling any of the Parse functions on Go source code which contains //line directives with very large line     numbers can cause an infinite loop due to integer overflow. (CVE-2023-24537)

    Templates did not properly consider backticks (`) as Javascript string delimiters, and as such didnot     escape them as expected. Backticks are used, since ES6, for JS template literals. If a templatecontained a     Go template action within a Javascript template literal, the contents of the action couldbe used to     terminate the literal, injecting arbitrary Javascript code into the Go template. (CVE-2023-24538)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of golang installed on the remote host is prior to 1.18.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2015 advisory.

    Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including     unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy     forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in     the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director     function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse     query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)

    Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in     the working directory named either ..com or ..exe by calling Cmd.Run, Cmd.Start, Cmd.Output, or     Cmd.CombinedOutput when Cmd.Path is unset. (CVE-2022-30580)

    Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause     an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. (CVE-2022-30634)

    The Go project has described this issue as follows:

    On Windows, the filepath.Clean function could transform an invalid path such as a/../c:/b into the valid     path c:\b. This transformation of a relative (if invalid) path into an absolute path could enable a     directory traversal attack. The filepath.Clean function will now transform this path into the relative     (but still invalid) path .\c:\b. (CVE-2022-41722)

    http2/hpack: avoid quadratic complexity in hpack decoding (CVE-2022-41723)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0735-1 advisory.

  - A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean     function could transform an invalid path such as a/../c:/b into the valid path c:\b. This     transformation of a relative (if invalid) path into an absolute path could enable a directory traversal     attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid)     path .\c:\b. (CVE-2022-41722)

  - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient     to cause a denial of service from a small number of small requests. (CVE-2022-41723)

  - Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS     handshake records which cause servers and clients, respectively, to panic when attempting to construct     responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption     (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client     certificates (by setting Config.ClientAuth >= RequestClientCert). (CVE-2022-41724)

  - A denial of service is possible from excessive resource consumption in net/http and mime/multipart.
    Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory     and disk files. This also affects form parsing in the net/http package with the Request methods FormFile,     FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented     as storing up to maxMemory bytes +10MB (reserved for non-file parts) in memory. File parts which cannot     be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file     parts is excessively large and can potentially open a denial of service vector on its own. However,     ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead,     part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In     addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small     request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts     for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory     bytes of memory consumption. Users should still be aware that this limit is high and may still be     hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form     parts into a single temporary file. The mime/multipart.File interface type's documentation states, If     stored on disk, the File's underlying concrete type will be an *os.File.. This is no longer the case when     a form contains more than one file part, due to this coalescing of parts into a single file. The previous     behavior of using distinct files for each form part may be reenabled with the environment variable     GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request     methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the     size of form data with http.MaxBytesReader. (CVE-2022-41725)

  - The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with     some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages     of crypto/ecdsa or crypto/ecdh. (CVE-2023-24532)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0733-1 advisory.

  - A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean     function could transform an invalid path such as a/../c:/b into the valid path c:\b. This     transformation of a relative (if invalid) path into an absolute path could enable a directory traversal     attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid)     path .\c:\b. (CVE-2022-41722)

  - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient     to cause a denial of service from a small number of small requests. (CVE-2022-41723)

  - Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS     handshake records which cause servers and clients, respectively, to panic when attempting to construct     responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption     (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client     certificates (by setting Config.ClientAuth >= RequestClientCert). (CVE-2022-41724)

  - A denial of service is possible from excessive resource consumption in net/http and mime/multipart.
    Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory     and disk files. This also affects form parsing in the net/http package with the Request methods FormFile,     FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented     as storing up to maxMemory bytes +10MB (reserved for non-file parts) in memory. File parts which cannot     be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file     parts is excessively large and can potentially open a denial of service vector on its own. However,     ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead,     part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In     addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small     request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts     for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory     bytes of memory consumption. Users should still be aware that this limit is high and may still be     hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form     parts into a single temporary file. The mime/multipart.File interface type's documentation states, If     stored on disk, the File's underlying concrete type will be an *os.File.. This is no longer the case when     a form contains more than one file part, due to this coalescing of parts into a single file. The previous     behavior of using distinct files for each form part may be reenabled with the environment variable     GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request     methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the     size of form data with http.MaxBytesReader. (CVE-2022-41725)

  - The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with     some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages     of crypto/ecdsa or crypto/ecdh. (CVE-2023-24532)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3d73e384-ad1f-11ed-983c-83fe35862e3a advisory.

  - A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the filepath.Clean     function could transform an invalid path such as a/../c:/b into the valid path c:\b. This     transformation of a relative (if invalid) path into an absolute path could enable a directory traversal     attack. After fix, the filepath.Clean function transforms this path into the relative (but still invalid)     path .\c:\b. (CVE-2022-41722)

  - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient     to cause a denial of service from a small number of small requests. (CVE-2022-41723)

  - Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS     handshake records which cause servers and clients, respectively, to panic when attempting to construct     responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption     (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client     certificates (by setting Config.ClientAuth >= RequestClientCert). (CVE-2022-41724)

  - A denial of service is possible from excessive resource consumption in net/http and mime/multipart.
    Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory     and disk files. This also affects form parsing in the net/http package with the Request methods FormFile,     FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented     as storing up to maxMemory bytes +10MB (reserved for non-file parts) in memory. File parts which cannot     be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file     parts is excessively large and can potentially open a denial of service vector on its own. However,     ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead,     part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In     addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small     request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts     for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory     bytes of memory consumption. Users should still be aware that this limit is high and may still be     hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form     parts into a single temporary file. The mime/multipart.File interface type's documentation states, If     stored on disk, the File's underlying concrete type will be an *os.File.. This is no longer the case when     a form contains more than one file part, due to this coalescing of parts into a single file. The previous     behavior of using distinct files for each form part may be reenabled with the environment variable     GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request     methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the     size of form data with http.MaxBytesReader. (CVE-2022-41725)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
224920	Linux Distros Unpatched Vulnerability : CVE-2022-41722	Nessus	Misc.	high
215597	Azure Linux 3.0 Security Update: golang / msft-golang (CVE-2022-41722)	Nessus	Azure Linux Local Security Checks	high
205348	CBL Mariner 2.0 Security Update: golang / msft-golang (CVE-2022-41722)	Nessus	MarinerOS Local Security Checks	high
204483	Photon OS 4.0: Go PHSA-2023-4.0-0362	Nessus	PhotonOS Local Security Checks	high
204414	Photon OS 4.0: Falco PHSA-2023-4.0-0425	Nessus	PhotonOS Local Security Checks	critical
204385	Photon OS 4.0: Kubernetes PHSA-2023-4.0-0419	Nessus	PhotonOS Local Security Checks	critical
204254	Photon OS 5.0: Falco PHSA-2023-5.0-0046	Nessus	PhotonOS Local Security Checks	critical
204171	Photon OS 5.0: Kubernetes PHSA-2023-5.0-0043	Nessus	PhotonOS Local Security Checks	critical
203948	Photon OS 3.0: Falco PHSA-2023-3.0-0611	Nessus	PhotonOS Local Security Checks	critical
203872	Photon OS 3.0: Go PHSA-2023-3.0-0564	Nessus	PhotonOS Local Security Checks	high
194928	Splunk Enterprise 8.2.0 < 8.2.12, 9.0.0 < 9.0.6, 9.1.0 < 9.1.1 (SVD-2023-0808)	Nessus	CGI abuses	critical
194248	RHEL 8 / 9 : OpenShift Container Platform 4.13.2 (RHSA-2023:3366)	Nessus	Red Hat Local Security Checks	critical
194235	RHEL 8 / 9 : OpenShift Container Platform 4.13.0 (RHSA-2023:1325)	Nessus	Red Hat Local Security Checks	critical
189426	RHCOS 4 : OpenShift Container Platform 4.13.0 (RHSA-2023:1325)	Nessus	Red Hat Local Security Checks	critical
189417	RHCOS 4 : OpenShift Container Platform 4.13.2 (RHSA-2023:3366)	Nessus	Red Hat Local Security Checks	critical
182699	Amazon Linux AMI : golang (ALAS-2023-1848)	Nessus	Amazon Linux Local Security Checks	critical
182007	Amazon Linux 2 : golang (ALASGOLANG1.19-2023-002)	Nessus	Amazon Linux Local Security Checks	critical
175071	Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2023-175)	Nessus	Amazon Linux Local Security Checks	critical
174620	Amazon Linux AMI : golang (ALAS-2023-1731)	Nessus	Amazon Linux Local Security Checks	critical
174580	Amazon Linux 2 : golang, --advisory ALAS2-2023-2015 (ALAS-2023-2015)	Nessus	Amazon Linux Local Security Checks	high
172571	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.20 (SUSE-SU-2023:0735-1)	Nessus	SuSE Local Security Checks	high
172561	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.19 (SUSE-SU-2023:0733-1)	Nessus	SuSE Local Security Checks	high
171512	FreeBSD : go -- multiple vulnerabilities (3d73e384-ad1f-11ed-983c-83fe35862e3a)	Nessus	FreeBSD Local Security Checks	high

Detections

Analytics

CVE-2022-41722

high

Tenable Plugins

high

high

high

high

critical

critical

critical

critical

critical

high

critical

critical

critical

critical

critical

critical

critical

critical

critical

high

high

high

high