6 matches found
Security update for go1.26
This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. CVE-2026-42507: net/textproto: arbitrary input are includ...
SUSE-SU-2026:2327-1 Security update for go1.26
This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-42504)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-42504 advisory. - Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume...
CVE-2026-42504 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-dynamodb, crossplane-provider-azure-authorization, kapp-controller, apisix-ingress-controller, grafana-operator, grafana-rollout-operator, trino, kubevela, timoni, flux-image-reflector-controller, kiali, crossplane-provider-aws-rds, redpanda,...
CVE-2026-42504
creationtimestamp| type| source ---|---|--- 2026-06-03 02:40:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mne3ga4eue23 2026-06-03 12:01:07+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mnf2rgkfkm2f 2026-06-04 06:00:20+00:00| seen|...
CVE-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...