43 matches found
Important: ecs-init
Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...
CVE-2026-42499
Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322...
Important: containerd
Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...
Important: runc
Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...
Important: docker
Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...
Important: containerd
Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...
SUSE CVE-2026-42499
Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322...
EUVD-2026-28432
Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322...
CVE-2026-42499
Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322...
UBUNTU-CVE-2026-42499
Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322...
CVE-2026-42499
Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322...
CVE-2026-42499
Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322...
GO-2026-4977 Quadratic string concatenation in consumePhrase in net/mail
Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go; this vulnerability arises from parsing email addresses according to RFC 5322. Pathological inputs may...
MiracleLinux 8 : python27:2.7 (AXSA:2020-969:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-969:01 advisory. python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 python: Cookie domain check...
CVE-2018-18898
The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing...
Important: python3.9
Issue Overview: Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. CVE-2007-4559...
CLSA-2024-1730133909 Fix CVE(s): CVE-2023-27043
SECURITY UPDATE: Incorrect parsing of email addresses containing special characters - debian/patches/CVE-2023-27043.patch: Fix email address parsing errors by adding optional 'strict' parameter to getaddresses and parseaddr functions - CVE-2023-27043...
Fedora 39 : python3.8 (2024-f652468298)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f652468298 advisory. This is a security release of Python 3.11 ----------------------------------------- Note: The release you're looking at is Python 3.11.10, a securit...
CLSA-2024-1717692229 python3: Fix of 3 CVEs
Remove -b option, use original maintainer approach - Fix expat regression tests for xmletree - CVE-2022-48564: Improve validation of Plist files that prevent DoS - CVE-2023-40217: Fix TLS handshake bypass - CVE-2023-27043: reject malformed addresses in email.parseaddr...