The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0724-1 advisory.

  - Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to     Uncontrolled Memory Consumption. (CVE-2022-23772)

  - cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to     be version tags. This can lead to incorrect access control if an actor is supposed to be able to create     branches but not tags. (CVE-2022-23773)

  - Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return     true in situations with a big.Int value that is not a valid field element. (CVE-2022-23806)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

openSUSE 15 Security Update : go1.16 (openSUSE-SU-2022:0724-1)

critical Nessus Plugin ID 158632

No changelogs found