Lucene search
+L

15 matches found

RedHat Linux
RedHat Linux
added 3 days ago4 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS6.9AI score0.00813EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 4 days ago6 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS6.9AI score0.00813EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 5 days ago6 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS6.9AI score0.00813EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/08 4:32 p.m.4 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS7.1AI score0.00813EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/08 9:19 a.m.5 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS7.1AI score0.00813EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/06 3:20 a.m.9 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS7.1AI score0.00813EPSS
Exploits0References8
Snyk
Snyk
added 2026/06/19 7:18 p.m.8 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the resources.GetRemote process while the host platform uses the cgo system resolver. When alternate IPv4 encodings are used in URLs, such as integer, hexadecimal, or octal representations, which bypa...

8.6CVSS5.9AI score0.00208EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/19 7:18 p.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the resources.GetRemote process while the host platform uses the cgo system resolver. When alternate IPv4 encodings are used in URLs, such as integer, hexadecimal, or octal representations, which bypa...

8.6CVSS5.9AI score0.00208EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/04 12:43 p.m.2 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS6.1AI score0.00813EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/04 12:39 p.m.3 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS6.1AI score0.00813EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/07 9:30 p.m.24 views

EUVD-2026-28419

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

5.8AI score0.00813EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/07 7:41 p.m.16 views

CVE-2026-33811

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

7.5CVSS5.8AI score0.00813EPSS
Exploits0
OSV
OSV
added 2026/05/07 7:41 p.m.3 views

CVE-2026-33811 Crash when handling long CNAME response in net

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

7.5CVSS7.1AI score0.00813EPSS
Exploits0References45
Snyk
Snyk
added 2026/05/07 7:21 p.m.8 views

Double Free

Overview std/net is a Go standard library package std/net Affected versions of this package are vulnerable to Double Free. Go Vulnerability Report: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. Remediation Upgrade...

8.7CVSS5.8AI score0.00813EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.13 views

PT-2026-38560

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description When using the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory, leading to a crash. This occurs specifically when utilizing th...

9.8CVSS5.8AI score0.00813EPSS
Exploits0
Rows per page
Query Builder