241 matches found
PT-2025-1609 · Docker +1 · Docker Compose +1
Name of the Vulnerable Software and Affected Versions: compose-go versions v2.10 through v2.4.0; Docker Compose versions v2.27.0 through v2.29.7. Description: The issue allows an authorized user who sends malicious YAML payloads to cause excessive memory and CPU cycle consumption while parsing YAML...
PT-2025-4737 · Unknown +1 · Go Crypto/X509 Library +1
Name of the Vulnerable Software and Affected Versions: Go crypto/x509 library (affected versions not specified). Description: The issue is related to the incorrect handling of syntactically incorrect structures by the ParsePKCS1PrivateKey function in the Go crypto/x509 library. This could allow a...
CVE-2024-52594
Gomatrixserverlib is a Go library for matrix federation. Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. The commit c4f1e01 fixes this issue. Users are advised to upgrade. Users unable to upgrade shoul...
gomatrixserverlib code issue vulnerability
gomatrixserverlib is a Go library from the Matrix Foundation. It is used for common functions required by Matrix servers. A code issue vulnerability exists in Gomatrixserverlib that stems from vulnerability to server-side request forgery attacks...
PT-2025-2932 · Unknown +1 · Gomatrixserverlib +1
Name of the Vulnerable Software and Affected Versions: Gomatrixserverlib (affected versions not specified). Description: Gomatrixserverlib is a Go library for matrix federation. It is vulnerable to server-side request forgery, serving content from a private network it can access, under certain...
UBUNTU-CVE-2024-51491
notation-go is a collection of libraries for signing and verifying OCI artifacts, based on Notary Project specifications. The issue was identified during Quarkslab's security audit of the Certificate Revocation List (CRL) based revocation check feature. After retrieving the CRL, notation-go...
CVE-2024-56138 Timestamp signature generation lacks certificate revocation check in notation-go
notation-go is a collection of libraries for signing and verifying OCI artifacts, based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...
[SECURITY] Fedora 41 Update: age-1.2.1-1.fc41
A simple, modern and secure encryption tool and Go library with small explicit keys, no config options, and UNIX-style composability...
AZL-54345 CVE-2024-45337 affecting package docker-buildx for versions less than 0.14.0-2
Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...
The vulnerability of the QUIC protocol implementation in the quic-go library, written in the Go programming language, arises from insufficient verification of data authenticity. This allows attackers to influence the accessibility of protected information.
The vulnerability of the QUIC protocol implementation in the Go programming language library quic-go is related to insufficient verification of data authenticity. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise the accessibility of protected...
AZL-53453 CVE-2024-53859 affecting package gh for versions less than 2.62.0-5
go-gh is a Go module for interacting with the gh utility and the GitHub API from the command line. A security vulnerability has been identified in go-gh that could leak authentication tokens intended for GitHub hosts to non-GitHub hosts when within a codespace. go-gh sources authentication tokens...
Podman: Buildah: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host...
AZL-52195 CVE-2024-51744 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-1
golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to a situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...
SUSE CVE-2024-47877
Extract is a Go library to extract archives in zip, tar.gz or tar.bz2 formats. A maliciously crafted archive may allow an attacker to create a symlink outside the extraction target directory. This vulnerability is fixed in 4.0.0. If you're using the Extractor.FS interface, then upgrading to /v4...