1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2024-fb32950d11

[FEDORA-2024-fb32950d11] Fedora 39: golang-x-mod

Severity High
Affected Packages 1
CVEs 3
Info Packages References Vulnerabilities

Update to v0.14.0 to address CVE-2022-41717 and CVE-2023-39325

Package Affected Version
pkg:rpm/fedora/golang-x-mod?distro=fedora-39 < 0.14.0.1.fc39
ID
FEDORA-2024-fb32950d11
Severity
high
Severity from
CVE-2023-39325
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2024-fb32950d11
Published
2024-01-18T01:47:10
(8 months ago)
Modified
2024-01-18T01:47:10
(8 months ago)
Rights
Copyright 2024 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 2248209 Bug #2248209 - golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) https://bugzilla.redhat.com/show_bug.cgi?id=2248209
Bugzilla 2254210 Bug #2254210 - CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP) https://bugzilla.redhat.com/show_bug.cgi?id=2254210
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/golang-x-mod?distro=fedora-39 fedora golang-x-mod < 0.14.0.1.fc39 fedora-39
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date