Metrics
Affected Vendors & Products
Thu, 21 Nov 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Els
|
|
CPEs | cpe:/o:redhat:rhel_els:7 | |
Vendors & Products |
Redhat rhel Els
|
|
References |
|
Sat, 16 Nov 2024 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_eus:9.4 |
Fri, 15 Nov 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Eus
|
|
CPEs | cpe:/a:redhat:rhel_eus:9.4::appstream | |
Vendors & Products |
Redhat rhel Eus
|
|
References |
|
Tue, 05 Nov 2024 08:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 30 Oct 2024 23:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 22 Oct 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 03 Oct 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9 |
Thu, 03 Oct 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:8 |
Thu, 03 Oct 2024 00:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9::appstream | |
References |
|
Wed, 02 Oct 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:8::appstream | |
References |
|
Tue, 01 Oct 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 01 Oct 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum. It is also possible to force a derived key to be all zeros instead of an unpredictable value. This may have follow-on implications for the Go TLS stack. |
Title | golang-fips: Golang FIPS zeroed buffer | Golang-fips: golang fips zeroed buffer |
First Time appeared |
Redhat
Redhat amq Streams Redhat ansible Automation Platform Redhat container Native Virtualization Redhat enterprise Linux Redhat network Bound Disk Encryption Tang Redhat ocp Tools Redhat openshift Redhat openshift Container Storage Redhat openshift Data Foundation Redhat openshift Devspaces Redhat openshift Gitops Redhat openshift Pipelines Redhat openshift Service On Aws Redhat openstack Redhat satellite Redhat serverless Redhat service Interconnect Redhat storage Redhat trusted Artifact Signer |
|
CPEs | cpe:/a:redhat:amq_streams:1 cpe:/a:redhat:ansible_automation_platform cpe:/a:redhat:ansible_automation_platform:2 cpe:/a:redhat:container_native_virtualization:4 cpe:/a:redhat:network_bound_disk_encryption_tang:1 cpe:/a:redhat:ocp_tools cpe:/a:redhat:openshift:4 cpe:/a:redhat:openshift_container_storage:4 cpe:/a:redhat:openshift_data_foundation:4 cpe:/a:redhat:openshift_devspaces:3::el8 cpe:/a:redhat:openshift_gitops:1 cpe:/a:redhat:openshift_pipelines:1 cpe:/a:redhat:openshift_service_on_aws:1 cpe:/a:redhat:openstack:16.2 cpe:/a:redhat:openstack:17.1 cpe:/a:redhat:satellite:6 cpe:/a:redhat:serverless:1 cpe:/a:redhat:service_interconnect:1 cpe:/a:redhat:storage:3 cpe:/a:redhat:trusted_artifact_signer:1 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat amq Streams Redhat ansible Automation Platform Redhat container Native Virtualization Redhat enterprise Linux Redhat network Bound Disk Encryption Tang Redhat ocp Tools Redhat openshift Redhat openshift Container Storage Redhat openshift Data Foundation Redhat openshift Devspaces Redhat openshift Gitops Redhat openshift Pipelines Redhat openshift Service On Aws Redhat openstack Redhat satellite Redhat serverless Redhat service Interconnect Redhat storage Redhat trusted Artifact Signer |
|
References |
|
Tue, 01 Oct 2024 01:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | |
Title | golang-fips: Golang FIPS zeroed buffer | |
Weaknesses | CWE-457 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Status: PUBLISHED
Assigner: redhat
Published: 2024-10-01T18:17:29.420Z
Updated: 2024-12-02T14:25:53.286Z
Reserved: 2024-09-30T17:07:30.833Z
Link: CVE-2024-9355
Updated: 2024-10-01T18:37:43.886Z
Status : Undergoing Analysis
Published: 2024-10-01T19:15:09.793
Modified: 2024-11-21T20:15:45.247
Link: CVE-2024-9355