58 matches found
golang security, bug fix, and enhancement update
An update is available for golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...
RLSA-2026:29981 Moderate: golang security, bug fix, and enhancement update
The golang packages provide the Go programming language compiler. Security Fixes: net/textproto: golang: Golang net/textproto: Misleading error messages via input injection CVE-2026-42507 Bug Fixes and Enhancements: Update Go to version 1.26.4+1 rhel-9.8.z JIRA:Rocky Linux-183350 For more details...
golang security, bug fix, and enhancement update
An update is available for golang. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...
net/textproto: golang: Golang net/textproto: Misleading error messages via input injection
A flaw was found in the net/textproto package in Golang. When functions in this package return errors, they include their input as part of the error message. An attacker could exploit this by injecting misleading content into these error messages, which are then printed or logged. This could lead...
Moderate: Red Hat Security Advisory: golang security, bug fix, and enhancement update
An update for golang is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: Red Hat Security Advisory: golang security, bug fix, and enhancement update
An update for golang is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
net/textproto: golang: Golang net/textproto: Misleading error messages via input injection
A flaw was found in the net/textproto package in Golang. When functions in this package return errors, they include their input as part of the error message. An attacker could exploit this by injecting misleading content into these error messages, which are then printed or logged. This could lead...
ALSA-2026:29980 Moderate: golang security, bug fix, and enhancement update
The golang packages provide the Go programming language compiler. Security Fixes: net/textproto: golang: Golang net/textproto: Misleading error messages via input injection CVE-2026-42507 Bug Fixes and Enhancements: Update Go to version 1.26.4+1 almalinux-10.2.z JIRA:AlmaLinux-183347 For more...
ALSA-2026:29981 Moderate: golang security, bug fix, and enhancement update
The golang packages provide the Go programming language compiler. Security Fixes: net/textproto: golang: Golang net/textproto: Misleading error messages via input injection CVE-2026-42507 Bug Fixes and Enhancements: Update Go to version 1.26.4+1 almalinux-9.8.z JIRA:AlmaLinux-183350 For more...
CVE-2026-42507
A flaw was found in the net/textproto package in Golang. When functions in this package return errors, they include their input as part of the error message. An attacker could exploit this by injecting misleading content into these error messages, which are then printed or logged. This could lead...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-42507)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-42507 advisory. - When returning errors, functions in the net/textproto package would include its input as part ...
Arbitrary inputs are included in errors without any escaping in net/textproto
...
BIT-GOLANG-2026-42507 Arbitrary inputs are included in errors without any escaping in net/textproto
When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...
net/textproto: golang: Golang net/textproto: Misleading error messages via input injection
A flaw was found in the net/textproto package in Golang. When functions in this package return errors, they include their input as part of the error message. An attacker could exploit this by injecting misleading content into these error messages, which are then printed or logged. This could lead...
net/textproto: golang: Golang net/textproto: Misleading error messages via input injection
A flaw was found in the net/textproto package in Golang. When functions in this package return errors, they include their input as part of the error message. An attacker could exploit this by injecting misleading content into these error messages, which are then printed or logged. This could lead...
SUSE CVE-2026-42507
When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...
DEBIAN-CVE-2026-42507
When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...
CVE-2026-42507
When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...
CVE-2026-42507 Arbitrary inputs are included in errors without any escaping in net/textproto
When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...
CVE-2026-42507
When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...