what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

CVE-2020-14040

Status Candidate

Overview

The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.

Related Files

Ubuntu Security Notice USN-5873-1
Posted Feb 16, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5873-1 - It was discovered that Go Text incorrectly handled certain encodings. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that Go Text incorrectly handled certain BCP 47 language tags. An attacker could possibly use this issue to cause a denial of service. CVE-2020-28851, CVE-2020-28852, and CVE-2021-38561 affected only Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-14040, CVE-2020-28851, CVE-2020-28852, CVE-2022-32149
SHA-256 | 3ae52f8c8eeaf1c15d2f6b8350abdc0b916787aac75c18c7126b2a401ff03055
Red Hat Security Advisory 2021-3140-01
Posted Aug 12, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3140-01 - This release of Red Hat Fuse 7.9.0 serves as a replacement for Red Hat Fuse 7.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, bypass, code execution, cross site scripting, denial of service, deserialization, information leakage, man-in-the-middle, memory leak, resource exhaustion, server-side request forgery, remote SQL injection, and traversal vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, code execution, xss, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2017-18640, CVE-2017-5645, CVE-2019-12402, CVE-2019-14887, CVE-2019-16869, CVE-2019-20445, CVE-2020-10688, CVE-2020-10693, CVE-2020-10714, CVE-2020-10719, CVE-2020-11996, CVE-2020-13920, CVE-2020-13934, CVE-2020-13935, CVE-2020-13936, CVE-2020-13954, CVE-2020-13956, CVE-2020-14040, CVE-2020-14297, CVE-2020-14338, CVE-2020-14340, CVE-2020-1695, CVE-2020-17510, CVE-2020-17518, CVE-2020-1925, CVE-2020-1935, CVE-2020-1938
SHA-256 | 7b87634aaeff995c7acbe482688b36f551a706a54a262f6607bd35c528818502
Red Hat Security Advisory 2021-2039-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2039-01 - This release of Red Hat Integration - Service registry 1.1.1.GA serves as a replacement for 1.1.0.GA, and includes the below security fixes. Issues addressed include XML injection and remote SQL injection vulnerabilities.

tags | advisory, remote, registry, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-14040, CVE-2020-25638, CVE-2020-25649
SHA-256 | 016baf810f0fc092f71233e8a3a373f15cd931df73eb2a65bb7e42e8e6050a8a
Red Hat Security Advisory 2021-1369-01
Posted Apr 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1369-01 - Red Hat Advanced Cluster Management for Kubernetes 2.1.6 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-0466, CVE-2020-14040, CVE-2020-27152, CVE-2020-28374, CVE-2020-35149, CVE-2021-20218, CVE-2021-20305, CVE-2021-26708, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-3121, CVE-2021-3347, CVE-2021-3449, CVE-2021-3450
SHA-256 | 019fe35bad08451966b333b48fcaaaf15597ee545c7cbbff9ea4261482d338df
Red Hat Security Advisory 2021-1168-01
Posted Apr 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1168-01 - Red Hat Advanced Cluster Management for Kubernetes 2.2.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console-with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues. Issues addressed include code execution, denial of service, integer overflow, and null pointer vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-0466, CVE-2020-14040, CVE-2020-27152, CVE-2020-28374, CVE-2020-28500, CVE-2020-28851, CVE-2020-28852, CVE-2020-29529, CVE-2021-21321, CVE-2021-21322, CVE-2021-23337, CVE-2021-23840, CVE-2021-23841, CVE-2021-26708, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-3121, CVE-2021-3347, CVE-2021-3449, CVE-2021-3450
SHA-256 | cfc0ee4720a885efcdbb629dc90451c511ea3b56ea59530b3ab8554fa0475c01
Red Hat Security Advisory 2021-1129-01
Posted Apr 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1129-01 - Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with container images for Red Hat 3scale API Management 2.10.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-20843, CVE-2019-11719, CVE-2019-11727, CVE-2019-11756, CVE-2019-12749, CVE-2019-14866, CVE-2019-15903, CVE-2019-17006, CVE-2019-17023, CVE-2019-17498, CVE-2019-19126, CVE-2019-19532, CVE-2019-19956, CVE-2019-20388, CVE-2019-20907, CVE-2019-5094, CVE-2019-5188, CVE-2020-0427, CVE-2020-12243, CVE-2020-12400, CVE-2020-12401, CVE-2020-12402, CVE-2020-12403, CVE-2020-12723, CVE-2020-14040, CVE-2020-14351, CVE-2020-1971
SHA-256 | 080546fe1bfc5e278c82d7414e75a36e9df9b89d827f78304ae6390c7b762f52
Red Hat Security Advisory 2021-0420-01
Posted Feb 4, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0420-01 - Quay 3.4.0 release. Issues addressed include HTTP request smuggling, buffer overflow, information leakage, integer overflow, out of bounds read, and out of bounds write vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-16785, CVE-2019-16786, CVE-2019-16789, CVE-2019-19911, CVE-2019-20477, CVE-2019-3866, CVE-2020-10177, CVE-2020-10378, CVE-2020-10379, CVE-2020-10994, CVE-2020-11538, CVE-2020-14040, CVE-2020-5310, CVE-2020-5311, CVE-2020-5312, CVE-2020-5313, CVE-2020-8131
SHA-256 | fc1c021d43cf16f4b5a7a35f8b5247813c911163c4070cc206c22b06869fb2c6
Red Hat Security Advisory 2020-5606-01
Posted Dec 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5606-01 - Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-14040, CVE-2020-15586, CVE-2020-16845
SHA-256 | 9eda33e0d614fc5d68eb10804df850f0f2e09e59f58a82e21295810d2647ebe0
Red Hat Security Advisory 2020-5198-01
Posted Nov 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5198-01 - Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-19794, CVE-2020-14040
SHA-256 | 0364e0f4cfb6f1c12dc78b676e6f0e4d9366d5964d1742935b19b337664bfe67
Red Hat Security Advisory 2020-5149-01
Posted Nov 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5149-01 - Red Hat OpenShift Serverless 1.11.0 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.6.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-20843, CVE-2019-13050, CVE-2019-13627, CVE-2019-14889, CVE-2019-1551, CVE-2019-15903, CVE-2019-16168, CVE-2019-16935, CVE-2019-19221, CVE-2019-19906, CVE-2019-19956, CVE-2019-20218, CVE-2019-20387, CVE-2019-20388, CVE-2019-20454, CVE-2019-20907, CVE-2019-20916, CVE-2019-5018, CVE-2020-10029, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-14040, CVE-2020-14422, CVE-2020-1730, CVE-2020-1751, CVE-2020-1752
SHA-256 | ae040d80529f54eb92eb0fd38e2a45abadc228521f0e608f7b65bb3d75caee9c
Red Hat Security Advisory 2020-5054-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5054-01 - The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040
SHA-256 | f92551824b5d626a1e18cfcdbb044ba22c3711db05bb35dddb1a37d9fa41ce0f
Red Hat Security Advisory 2020-5056-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5056-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040, CVE-2020-14370
SHA-256 | 665ed5d98c9957e15d97945672e8f8f56a65b8382a21f1d0f5f7eee78d24bcb6
Red Hat Security Advisory 2020-5055-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5055-01 - The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040
SHA-256 | 2a8eee492b4b82b510d75ca3fea6d2035132dc887c1b2ae216ff3335fa1c26f8
Red Hat Security Advisory 2020-4694-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4694-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include information leakage, man-in-the-middle, and out of bounds read vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-10749, CVE-2020-10756, CVE-2020-14040
SHA-256 | 7b13b0c6f83c6a6292bdcddb68a7fb3b320eaec0b3391cb8f42be4414664644b
Red Hat Security Advisory 2020-4297-01
Posted Oct 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4297-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. The runC tool is a lightweight, portable implementation of the Open Container Format that provides container runtime. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Issues addressed include information leakage, man-in-the-middle, and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-16541, CVE-2020-14040, CVE-2020-14370, CVE-2020-16845, CVE-2020-2252, CVE-2020-2254, CVE-2020-2255, CVE-2020-8564
SHA-256 | ad89efbaecf4af121b6a5f9076507a5e419275c9a6fba2dfaf8b66ce8a783eea
Red Hat Security Advisory 2020-4214-01
Posted Oct 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4214-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-14040, CVE-2020-15586, CVE-2020-16845
SHA-256 | b6438465a359f2900a2a552e51a31f4566f6ccaaf40dcea864e27e2a46b70382
Red Hat Security Advisory 2020-3783-01
Posted Sep 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3783-01 - OpenShift Container Platform components are primarily written in Go. The golang.org/x/text contains text-related packages which are used for text operations, such as character encodings, text transformations, and locale-specific text handling.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040
SHA-256 | 424d1b2c893b99ef926d3bdf4105791bc5744129dcfb09980ecb990214f480e9
Red Hat Security Advisory 2020-3780-01
Posted Sep 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3780-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040
SHA-256 | e9058870707c8054ebf0ed4d4fe08b29682f1db80e6c11bddeeeed76a3ecb5a4
Red Hat Security Advisory 2020-3727-01
Posted Sep 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3727-01 - OpenShift Container Platform components are primarily written in Go. The golang.org/x/text contains text-related packages which are used for text operations, such as character encodings, text transformations, and locale-specific text handling. Kibana is one of the major components of OpenShift Container Platform cluster logging. It is a browser-based console interface to query, discover, and visualize the log data.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10743, CVE-2020-14040
SHA-256 | 9b8cb278c0d21a3f67b9aa928505210b8c164d31a327f55ca3116f94d7ce2053
Red Hat Security Advisory 2020-3578-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3578-01 - OpenShift Container Platform components are primarily written in Go. The golang.org/x/text contains text-related packages which are used for text operations, such as character encodings, text transformations, and locale-specific text handling. Kibana is one of the major components of OpenShift Container Platform cluster logging. It is a browser-based console interface to query, discover, and visualize the log data. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2020-10531, CVE-2020-11080, CVE-2020-14040, CVE-2020-7015, CVE-2020-7598, CVE-2020-8174
SHA-256 | 76031ee5b291a4db7234b7111c7dc3217a89ce4c9123293670c14dbd76b08150
Red Hat Security Advisory 2020-3665-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3665-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-14040, CVE-2020-15586, CVE-2020-16845
SHA-256 | 9836ff22ee1c4b573559d076da14b9688fb435fcac091a747e65150878e185b7
Red Hat Security Advisory 2020-3372-01
Posted Aug 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3372-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11080, CVE-2020-14040, CVE-2020-9283
SHA-256 | 15f8218926e31fddac4d72a068f13ab48a873143fcc6b353105a0e0f83f64a23
Red Hat Security Advisory 2020-3369-01
Posted Aug 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3369-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include code execution and open redirection vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-11023, CVE-2020-12666, CVE-2020-14040, CVE-2020-8203, CVE-2020-9283
SHA-256 | 7222258e85e542b4bd918c83fa6a94b633c208a270e15b944a03ec1b0f6b7cf9
Red Hat Security Advisory 2020-3087-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3087-01 - Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-12049, CVE-2020-14040
SHA-256 | beb36d6fde9d9b16b89f5ae7ac29137d7e53b66ff31cf855503a76f0b99bc58a
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close