RHEL 8 / 9 : OpenShift Container Platform 4.18.33 (RHSA-2026:2071)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:2071 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

SMTP Command-smuggling

github.com/wneessen/go-mail is vulnerable to SMTP command-smuggling. The vulnerability is due to incorrect handling of mail.Address values when constructing the MAIL FROM and RCPT TO SMTP commands, which allows an attacker to smuggle extra ESMTP parameters or manipulate recipient routing by...

go-jose: Go JOSE's Parsing Vulnerable to Denial of Service

A flaw was found in GO-JOSE. In affected versions, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code uses strings.Splittoken, "." to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large numb...