Lucene search
K

74 matches found

OSV
OSV
added 2026/03/18 11:27 a.m.3 views

SUSE-SU-2026:20904-1 Security update for cosign

This update for cosign fixes the following issues: Update to version 3.0.5: - CVE-2026-24122: Fixed improper validation of certificates that outlive expired CA certificates bsc1258542 - CVE-2026-26958: Fixed filippo.io/edwards25519: failure to initialize receiver in MultiScalarMult can produce...

7.5CVSS6.1AI score0.0053EPSS
Exploits4References19
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.8 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cosign (SUSE-SU-2026:0777-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0777-1 advisory. Update to version 3.0.5 jscSLE-23879. Security issues fixed: - CVE-2025-11065:...

7.5CVSS6AI score0.0053EPSS
Exploits4References28
Github Security Blog
Github Security Blog
added 2026/01/26 9:30 p.m.6 views

Duplicate Advisory: go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2464-8j7c-4cjm. This link is maintained to preserve external references. Original Description A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using...

5.3CVSS5.7AI score0.00357EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/01/26 9:30 p.m.5 views

GHSA-86RF-68F4-2CPH Duplicate Advisory: go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2464-8j7c-4cjm. This link is maintained to preserve external references. Original Description A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using...

5.3CVSS5.7AI score0.00357EPSS
Exploits0References6
OSV
OSV
added 2026/01/26 8:16 p.m.7 views

AZL-75369 CVE-2025-11065 affecting package podman 4.1.1-26

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.5AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.8 views

AZL-75524 CVE-2025-11065 affecting package moby-buildx for versions less than 0.7.1-28

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.4 views

AZL-75473 CVE-2025-11065 affecting package opa 0.63.0-2

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.7 views

AZL-75410 CVE-2025-11065 affecting package docker-buildx 0.14.0-8

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.5AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.7 views

AZL-75449 CVE-2025-11065 affecting package kubevirt 1.6.3-3

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.9 views

AZL-75497 CVE-2025-11065 affecting package kubevirt for versions less than 0.59.0-38

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.6 views

AZL-75560 CVE-2025-11065 affecting package vitess 19.0.4-7

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.5AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.9 views

AZL-75440 CVE-2025-11065 affecting package keda 2.14.1-9

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.7 views

AZL-75476 CVE-2025-11065 affecting package packer 1.9.5-11

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.10 views

AZL-75452 CVE-2025-11065 affecting package kured 1.15.0-2

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.8 views

AZL-75428 CVE-2025-11065 affecting package influxdb 2.7.5-10

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.7 views

AZL-75491 CVE-2025-11065 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.6 views

AZL-75419 CVE-2025-11065 affecting package gh 2.62.0-10

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.7 views

AZL-75551 CVE-2025-11065 affecting package packer for versions less than 1.9.5-18

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.8 views

AZL-75573 CVE-2025-11065 affecting package skopeo for versions less than 1.14.2-14

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 8:16 p.m.5 views

AZL-75576 CVE-2025-11065 affecting package telegraf for versions less than 1.29.4-21

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
Rows per page
Query Builder