[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2023:0733-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":24,"duplicates":25,"related":26,"reserved_at":9,"published_at":32,"modified_at":33,"state":9,"summary":34,"references_raw":36,"kevs":90,"epss":9,"epss_history":91,"metrics":92,"affected":93},"SUSE-SU-2023:0733-1","Security update for go1.19\n\nThis update for go1.19 fixes the following issues:\n\n- CVE-2022-41722: Fixed path traversal in filepath.Clean on Windows (bsc#1208269).\n- CVE-2022-41723: Fixed quadratic complexity in HPACK decoding (bsc#1208270).\n- CVE-2022-41724: Fixed panic with arge handshake records in crypto/tls (bsc#1208271).\n- CVE-2022-41725: Fixed denial of service from excessive resource consumption in net/http and mime/multipart (bsc#1208272).\n- CVE-2023-24532: Fixed incorrect P-256 ScalarMult and ScalarBaseMult results (bsc#1209030).\n\nUpdate to go1.19.7  \n* go#58441 runtime: some linkname signatures do not match\n* go#58502 cmd/link: relocation truncated to fit: R_ARM_CALL against `runtime.duffcopy'\n* go#58535 runtime: long latency of sweep assists\n* go#58716 net: TestTCPSelfConnect failures due to unexpected connections\n* go#58773 syscall: Environ uses an invalid unsafe.Pointer conversion on Windows\n* go#58810 crypto/x509: TestSystemVerify consistently failing\n\n\nUpdate to go1.19.6:\n* go#56154 net/http: bad handling of HEAD requests with a body\n* go#57635 crypto/x509: TestBoringAllowCert failures\n* go#57812 runtime: performance regression due to bad instruction used in morestack_noctxt for ppc64 in CL 425396\n* go#58118 time: update zoneinfo_abbrs on Windows\n* go#58223 cmd/link: .go.buildinfo is gc'ed by --gc-sections\n* go#58449 cmd/go/internal/modfetch: TestCodeRepo/gopkg.in_natefinch_lumberjack.v2/latest failing\n\nUpdate to go1.19.5 (bsc#1200441):\n* go#57706 Misc/cgo: backport needed for dlltool fix\n* go#57556 crypto/x509: re-allow duplicate attributes in CSRs\n* go#57444 cmd/link: need to handle new-style LoongArch relocs\n* go#57427 crypto/x509: Verify on macOS does not return typed errors\n* go#57345 cmd/compile: the loong64 intrinsic for CompareAndSwapUint32 function needs to sign extend its 'old' argument.\n* go#57339 syscall, internal/poll: accept4-to-accept fallback removal broke Go code on Synology DSM 6.2 ARM devices\n* go#57214 os: TestLstat failure on Linux Aarch64\n* go#57212 reflect: sort.SliceStable sorts incorrectly on arm64 with less function created with reflect.MakeFunc and slice of sufficient length\n* go#57124 sync/atomic: allow linked lists of atomic.Pointer\n* go#57100 cmd/compile: non-retpoline-compatible errors\n* go#57058 cmd/go: remove test dependency on gopkg.in service\n* go#57055 cmd/go: TestScript/version_buildvcs_git_gpg (if enabled) fails on linux longtest builders\n* go#56983 runtime: failure in TestRaiseException on windows-amd64-2012\n* go#56834 cmd/link/internal/ppc64: too-far trampoline is reused\n* go#56770 cmd/compile: walkConvInterface produces broken IR\n* go#56744 cmd/compile: internal compiler error: missing typecheck\n* go#56712 net: reenable TestLookupDotsWithRemoteSource and TestLookupGoogleSRV with a different target\n* go#56154 net/http: bad handling of HEAD requests with a body\n",null,[],[],[],[14,16,18,20,22],{"_key":15},"CVE-2022-41722",{"_key":17},"CVE-2022-41723",{"_key":19},"CVE-2022-41724",{"_key":21},"CVE-2022-41725",{"_key":23},"CVE-2023-24532",[],[],[27,28,29,30,31],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},"2023-03-14T17:07:14Z","2026-02-04T03:53:20.061871Z",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[37,44,49,53,57,61,65,69,74,78,82,86],{"url":38,"sources":39,"tags":42},"https://www.suse.com/support/update/announcement/2023/suse-su-20230733-1/",[40,41],"osv_suse","osv_opensuse",[43],"Advisory",{"url":45,"sources":46,"tags":47},"https://bugzilla.suse.com/1200441",[40,41],[48],"REPORT",{"url":50,"sources":51,"tags":52},"https://bugzilla.suse.com/1208269",[40,41],[48],{"url":54,"sources":55,"tags":56},"https://bugzilla.suse.com/1208270",[40,41],[48],{"url":58,"sources":59,"tags":60},"https://bugzilla.suse.com/1208271",[40,41],[48],{"url":62,"sources":63,"tags":64},"https://bugzilla.suse.com/1208272",[40,41],[48],{"url":66,"sources":67,"tags":68},"https://bugzilla.suse.com/1209030",[40,41],[48],{"url":70,"sources":71,"tags":72},"https://www.suse.com/security/cve/CVE-2022-41722",[40,41],[73],"WEB",{"url":75,"sources":76,"tags":77},"https://www.suse.com/security/cve/CVE-2022-41723",[40,41],[73],{"url":79,"sources":80,"tags":81},"https://www.suse.com/security/cve/CVE-2022-41724",[40,41],[73],{"url":83,"sources":84,"tags":85},"https://www.suse.com/security/cve/CVE-2022-41725",[40,41],[73],{"url":87,"sources":88,"tags":89},"https://www.suse.com/security/cve/CVE-2023-24532",[40,41],[73],[],[],[],[94,107,113,117,121,125,129,133],{"ecosystem":95,"name":96,"vendor":97,"product":98,"cpe_part":9,"purl_type":99,"purl_namespace":97,"purl_name":98,"source":9,"versions":100},"openSUSE","go1.19","opensuse","go1.19&distro=openSUSE Leap 15.4","rpm",[101],{"version":102,"is_range":103,"range_type":104,"version_start":9,"version_start_type":9,"version_end":105,"version_end_type":106,"fixed_in":9},"lt1_19_7_150000_1_23_1",true,"ecosystem","1.19.7-150000.1.23.1","excluding",{"ecosystem":108,"name":96,"vendor":109,"product":110,"cpe_part":9,"purl_type":99,"purl_namespace":109,"purl_name":110,"source":9,"versions":111},"SUSE Linux Enterprise","suse","go1.19&distro=SUSE Enterprise Storage 7.1",[112],{"version":102,"is_range":103,"range_type":104,"version_start":9,"version_start_type":9,"version_end":105,"version_end_type":106,"fixed_in":9},{"ecosystem":108,"name":96,"vendor":109,"product":114,"cpe_part":9,"purl_type":99,"purl_namespace":109,"purl_name":114,"source":9,"versions":115},"go1.19&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",[116],{"version":102,"is_range":103,"range_type":104,"version_start":9,"version_start_type":9,"version_end":105,"version_end_type":106,"fixed_in":9},{"ecosystem":108,"name":96,"vendor":109,"product":118,"cpe_part":9,"purl_type":99,"purl_namespace":109,"purl_name":118,"source":9,"versions":119},"go1.19&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",[120],{"version":102,"is_range":103,"range_type":104,"version_start":9,"version_start_type":9,"version_end":105,"version_end_type":106,"fixed_in":9},{"ecosystem":108,"name":96,"vendor":109,"product":122,"cpe_part":9,"purl_type":99,"purl_namespace":109,"purl_name":122,"source":9,"versions":123},"go1.19&distro=SUSE Linux Enterprise Module for Development Tools 15 SP4",[124],{"version":102,"is_range":103,"range_type":104,"version_start":9,"version_start_type":9,"version_end":105,"version_end_type":106,"fixed_in":9},{"ecosystem":108,"name":96,"vendor":109,"product":126,"cpe_part":9,"purl_type":99,"purl_namespace":109,"purl_name":126,"source":9,"versions":127},"go1.19&distro=SUSE Linux Enterprise Real Time 15 SP3",[128],{"version":102,"is_range":103,"range_type":104,"version_start":9,"version_start_type":9,"version_end":105,"version_end_type":106,"fixed_in":9},{"ecosystem":108,"name":96,"vendor":109,"product":130,"cpe_part":9,"purl_type":99,"purl_namespace":109,"purl_name":130,"source":9,"versions":131},"go1.19&distro=SUSE Linux Enterprise Server 15 SP3-LTSS",[132],{"version":102,"is_range":103,"range_type":104,"version_start":9,"version_start_type":9,"version_end":105,"version_end_type":106,"fixed_in":9},{"ecosystem":108,"name":96,"vendor":109,"product":134,"cpe_part":9,"purl_type":99,"purl_namespace":109,"purl_name":134,"source":9,"versions":135},"go1.19&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3",[136],{"version":102,"is_range":103,"range_type":104,"version_start":9,"version_start_type":9,"version_end":105,"version_end_type":106,"fixed_in":9}]