198 matches found
Astra Linux - уязвимость в golang-1.19
Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/TLS clients, as well as servers that have Config.ClientAuth set to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default...
Astra Linux - уязвимость в golang-1.19
The “//line” directive can be used to bypass the restrictions on the “//go:cgo” directives, allowing for the passing of blocked linker and compiler flags during compilation. This can lead to the execution of arbitrary code when running “go build”. The “//line” directive requires the absolute path...
Astra Linux - уязвимость в golang-1.19
The ParseAddressList function improperly handles comments text within parentheses within display names. Since this contradicts conforming address parsers, it can lead to different trust decisions being made by programs that use different parsers...
Astra Linux - уязвимость в golang-1.19
If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates...
Astra Linux - уязвимость в golang-1.19
Large handshake records can cause panics in the crypto/TLS context. Both clients and servers may send large TLS handshake records, which can cause both servers and clients to panic when attempting to construct responses. This issue affects all TLS 1.3 clients, TLS 1.2 clients that explicitly enab...
Astra Linux - уязвимость в golang-1.19
A denial of service may occur due to excessive resource consumption in the net/http and mime/multipart libraries. Parsing multipart forms using mime/multipart.Reader.ReadForm can consume a largely unlimited amount of memory and disk space. This issue also affects form parsing in the net/http...
Astra Linux - уязвимость в golang-1.19, golang-1.23
If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...
Astra Linux - уязвимость в golang-1.19, golang-1.23
archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive...
Astra Linux - уязвимость в golang-golang-x-net, golang-1.19
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...
Astra Linux - уязвимость в golang-1.19, golang-1.23
Proxy-Authorization and Proxy-Authenticate headers remain after cross-origin redirections, potentially exposing sensitive information...
Astra Linux - уязвимость в golang-1.19
Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution...
Astra Linux - уязвимость в golang-1.19
When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as “Authorization” or “Cookie”. For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but ...
Astra Linux - уязвимость в golang-1.19
Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...
Astra Linux - уязвимость в golang-1.19
Angle brackets are not considered dangerous characters when inserted into CSS contexts. Templates that contain multiple actions separated by a '/' character may cause the CSS context to close unexpectedly, allowing for the injection of unexpected HTML, if executed with untrusted input...
PT-2026-35502
Name of the Vulnerable Software and Affected Versions Cilium versions prior to 1.17.15 Cilium versions 1.18.0 through 1.18.8 Cilium versions 1.19.0 through 1.19.2 Description When run against deployments with WireGuard encryption enabled, the output of the cilium-bugtool debugging tool can contai...
SUSE CVE-2026-30892
crun is an open source OCI Container Runtime fully written in C. In versions 1.19 through 1.26, the crun exec option -u --user is incorrectly parsed. The value 1 is interpreted as UID 0 and GID 0 when it should have been UID 1 and GID 0. The process thus runs with higher privileges than expected...
UBUNTU-CVE-2026-30892
crun is an open source OCI Container Runtime fully written in C. In versions 1.19 through 1.26, the crun exec option -u --user is incorrectly parsed. The value 1 is interpreted as UID 0 and GID 0 when it should have been UID 1 and GID 0. The process thus runs with higher privileges than expected...
crun 安全漏洞
Crun is an OCI container runtime library developed by Containers in C language. Versions of Crun from 1.19 to 1.26 and earlier contain security vulnerabilities. These vulnerabilities stem from errors in parsing the crun exec option with the -u parameter, which may allow processes to run with...
CVE-2026-30892
crun is an open source OCI Container Runtime fully written in C. In versions 1.19 through 1.26, the crun exec option -u --user is incorrectly parsed. The value 1 is interpreted as UID 0 and GID 0 when it should have been UID 1 and GID 0. The process thus runs with higher privileges than expected...
EUVD-2026-16026
crun is an open source OCI Container Runtime fully written in C. In versions 1.19 through 1.26, the crun exec option -u --user is incorrectly parsed. The value 1 is interpreted as UID 0 and GID 0 when it should have been UID 1 and GID 0. The process thus runs with higher privileges than expected...