Astra Linux - уязвимость в golang-golang-x-text

In golang.org/x/text, the text/language field before version 0.3.7 can cause a panic due to an out-of-bounds read during BCP 47 language tag parsing. Index calculations are also handled incorrectly. If untrusted user input is parsed, this could be exploited as a vector for a denial-of-service...

MAL-2026-1659 Malicious code in bcp-security-updates (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ae78f7be7d7bfc2a5c001fd71b000a7cfe42a5f8c6e7d2b828ec3f143d26319 The package bcp-security-updates was found to contain malicious code...

Malicious code in bcp-security-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9d8a18510bbeb71543526f0ef059351a12f97a1addd3c8664961231a7e862bf The package bcp-security-update was found to contain malicious code...

Malicious code in bcp-security-updates (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ae78f7be7d7bfc2a5c001fd71b000a7cfe42a5f8c6e7d2b828ec3f143d26319 The package bcp-security-updates was found to contain malicious code...

MAL-2026-1658 Malicious code in bcp-security-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9d8a18510bbeb71543526f0ef059351a12f97a1addd3c8664961231a7e862bf The package bcp-security-update was found to contain malicious code...

EUVD-2025-37284

Malicious code in bcp-security-package-update npm...

MAL-2025-49280 Malicious code in bcp-security-package-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ab9e582af309b4d91c05179b0b3a9d0532e26d3c7c34b1d80d0b1ad826d71c4 The package bcp-security-package-update was found to contain malicious code. Source: ghsa-malware...

Malicious code in bcp-security-package-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ab9e582af309b4d91c05179b0b3a9d0532e26d3c7c34b1d80d0b1ad826d71c4 The package bcp-security-package-update was found to contain malicious code. Source: ghsa-malware...

EUVD-2020-21244

Malware in sbrugna...

EUVD-2021-27362

Malware in sbrugna...

EUVD-2021-31472

Malicious code in bioql PyPI...

EUVD-2022-7707

Malicious code in bioql PyPI...

CVE-2021-44652

Zoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file overwrite through the ChangeDBAPI component...

CLSA-2025-1742923385 ghostscript: Fix of CVE-2023-28879

CVE-2023-28879: Fix buffer overflow in base/sbcp.c by correctly handling write buffer for BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode functions...

In x/text in Go before v0.3.5 a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)

...

MAL-2024-4321 Malicious code in Blockcore.Nеtwоrks.BCP (NuGet)

--- -= Per source details. Do not edit below this line.=-...

RHEL 8 : podman (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - golang: out-of-bounds read in golang.org/x/text/language leads to DoS CVE-2021-38561 Note that Nessus has not teste...

UBUNTU-CVE-2023-28879

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then...

USN-5873-1: Go Text vulnerabilities

It was discovered that Go Text incorrectly handled certain encodings. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-14040 It was discovered that Go Text incorrectly handled certain BCP 47 language...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Go Text vulnerabilities (USN-5873-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5873-1 advisory. It was discovered that Go Text incorrectly handled certain encodings. An attacker could possibly use this issue to cause a denial...