Lucene search
+L

59 matches found

CVE
CVE
added 2026/06/02 10:1 p.m.87 views

CVE-2026-42507

CVE-2026-42507 affects the Go net/textproto package. The root issue is that error returns include user-controlled input as part of the error string, which could allow an attacker to inject misleading content into errors that are printed or logged. The connected sources confirm this behavior acros...

5.3CVSS5.8AI score0.0037EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/02 10:1 p.m.10 views

CVE-2026-42507

When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...

5.3CVSS5.8AI score0.0037EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/02 10:1 p.m.11 views

CVE-2026-42507

When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...

5.8AI score0.0037EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/02 10:1 p.m.36 views

CVE-2026-42507 Arbitrary inputs are included in errors without any escaping in net/textproto

When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...

0.0037EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/06/02 10:1 p.m.6 views

CVE-2026-42507

When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...

5.3CVSS5.8AI score0.0037EPSS
Exploits0
Snyk
Snyk
added 2026/06/02 9:39 p.m.8 views

Improper Output Neutralization for Logs

Overview std/net/textproto is a Go standard library package std/net/textproto Affected versions of this package are vulnerable to Improper Output Neutralization for Logs. Go Vulnerability Report: When returning errors, functions in the net/textproto package would include its input as part of the...

6.9CVSS5.5AI score0.0037EPSS
Exploits0References3
OSV
OSV
added 2026/06/02 9:39 p.m.11 views

GO-2026-5039 Arbitrary inputs are included in errors without any escaping in net/textproto

When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged...

5.3CVSS5.8AI score0.0037EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.32 views

PT-2026-45875

Name of the Vulnerable Software and Affected Versions Go affected versions not specified Description Functions within the net/textproto package include input as part of the error when returning errors. This behavior allows an attacker to inject misleading content into errors that are subsequently...

9.8CVSS5.8AI score0.0037EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/10 2:24 p.m.3 views

net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

5.3CVSS6.1AI score0.00526EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2025/10/31 1:7 a.m.6 views

Excessive CPU consumption in Reader.ReadResponse in net/textproto

...

5.3CVSS7AI score0.00526EPSS
Exploits0
Cvelist
Cvelist
added 2025/10/29 10:10 p.m.14 views

CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

0.00526EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/10/29 10:10 p.m.3 views

CVE-2025-61724

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

5.3CVSS8.1AI score0.00526EPSS
Exploits0
OSV
OSV
added 2025/10/29 9:51 p.m.9 views

GO-2025-4015 Excessive CPU consumption in Reader.ReadResponse in net/textproto

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

5.3CVSS6.5AI score0.00526EPSS
Exploits0References3
OSV
OSV
added 2025/10/20 1:12 p.m.7 views

SUSE-SU-2025:3682-1 Security update for go1.24

This update for go1.24 fixes the following issues: go1.24.9 released 2025-10-13 includes fixes to the crypto/x509 package. bsc1236217 crypto/x509: TLS validation fails for FQDNs with trailing dot go1.24.8 released 2025-10-07 includes security fixes to the archive/tar, crypto/tls, crypto/x509,...

7.5CVSS6.7AI score0.00626EPSS
Exploits0References22
SUSE Linux
SUSE Linux
added 2025/10/11 1:22 a.m.4 views

Security update for go1.25

This update for go1.25 fixes the following issues: go1.25.2 released 2025-10-07 includes security fixes to the archive/tar, crypto/tls, crypto/x509, encoding/asn1, encoding/pem, net/http, net/mail, net/textproto, and net/url packages, as well as bug fixes to the compiler, the runtime, and the...

9.4CVSS6.7AI score0.00626EPSS
Exploits0References42
Microsoft CVE
Microsoft CVE
added 2025/09/04 7:8 a.m.4 views

Memory exhaustion in multipart form parsing in net/textproto and net/http

...

6.5CVSS7AI score0.01165EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:40 a.m.2 views

Excessive memory allocation in net/http and net/textproto

...

7.5CVSS9.3AI score0.01888EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.33 views

RHEL 8 / 9 : OpenShift Container Platform 4.13.3 (RHSA-2023:3536)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3536 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

9.8CVSS7.2AI score0.02281EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.33 views

RHEL 8 / 9 : Red Hat Service Interconnect 1.4 Release (RHSA-2023:4003)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4003 advisory. As a Kubernetes user, I cannot connect easily connect services from one cluster with services on another cluster. Red Hat Application...

9.8CVSS7.3AI score0.04561EPSS
Exploits1References30
BDU FSTEC
BDU FSTEC
added 2024/04/22 12:0 a.m.5 views

The vulnerability of the net/textproto package in the Golang programming language, which allows a hacker to trigger a service failure.

The vulnerability of the Golang net/textproto package is related to the large amount of memory allocated during the analysis of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

7.8CVSS6.4AI score0.01888EPSS
Exploits0References6Affected Software2
Rows per page
Query Builder