32 matches found
ROS-20260622-73-0029
The vulnerability of the ParseAddress, ParseAddressList, and ParseDate functions in the Go programming language is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability can allow a malicious actor to cause service failures...
CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
net/mail: golang: Go net/mail: Denial of Service via crafted email inputs
A flaw was found in the net/mail package of the Go programming language. An attacker could provide specially crafted inputs to the ParseAddress, ParseAddressList, or ParseDate functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service DoS for...
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1743)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1743 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...
Linux Distros Unpatched Vulnerability : CVE-2026-39820
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations. CVE-2026-39820...
EUVD-2026-28423
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
UBUNTU-CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
Allocation of Resources Without Limits or Throttling
Overview std/net/mail is a Go standard library package std/net/mail Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger...
net/mail: Excessive CPU consumption in ParseAddress in net/mail
A denial of service vulnerability has been discovered in the golang net/mail module. The ParseAddress function constructed domain-literal address components through repeated string concatenation which when parsing large domain-literal components, could cause excessive CPU consumption...
PT-2026-38564
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Well-crafted inputs reaching the functions ParseAddress, ParseAddressList, and ParseDate can trigger excessive CPU exhaustion and memory allocations, leading to ...
Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 1.0.311 Vulnerability Details CVEID:CVE-2025-61725 DESCRIPTION: The ParseAddress function constructs domain-literal address components through repeated string concatenatio...
K000159890: Golang vulnerability CVE-2025-61725
Security Advisory Description The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption. CVE-2025-61725 Impact An attacker may be able to exploit this...
CLEANSTART-2026-PB78859 ParseAddress function constructs domain-literal address components through repeated string concatenation
Multiple security vulnerabilities affect the kubevela package. The ParseAddress function constructs domain-literal address components through repeated string concatenation. See references for individual vulnerability details...
CLEANSTART-2026-NF19624 ParseAddress function constructs domain-literal address components through repeated string concatenation
Security vulnerability affects the timoni package. The ParseAddress function constructs domain-literal address components through repeated string concatenation...
CLEANSTART-2026-TY78539 ParseAddress function constructs domain-literal address components through repeated string concatenation
Multiple security vulnerabilities affect the go-fips-1.24 package. The ParseAddress function constructs domain-literal address components through repeated string concatenation. See references for individual vulnerability details...
CLEANSTART-2026-VS64679 ParseAddress function constructs domain-literal address components through repeated string concatenation
Multiple security vulnerabilities affect the go-fips-1.24 package. The ParseAddress function constructs domain-literal address components through repeated string concatenation. See references for individual vulnerability details...