Lucene search
K

5 matches found

OSV
OSV
added 2026/05/11 5:44 a.m.8 views

BIT-GOLANG-2026-39820 Quadratic string concatentation in consumeComment in net/mail

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

7.5CVSS5.8AI score0.00784EPSS
Exploits0References18
OSV
OSV
added 2026/05/07 7:41 p.m.2 views

CVE-2026-39820 Quadratic string concatentation in consumeComment in net/mail

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

7.5CVSS5.9AI score0.00784EPSS
Exploits0References20
Vulnrichment
Vulnrichment
added 2026/05/07 7:41 p.m.11 views

CVE-2026-39820 Quadratic string concatentation in consumeComment in net/mail

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

5.8AI score0.00784EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/07 7:41 p.m.57 views

CVE-2026-39820 Quadratic string concatentation in consumeComment in net/mail

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

0.00784EPSS
Exploits0References4
CVE
CVE
added 2026/05/07 7:41 p.m.98 views

CVE-2026-39820

CVE-2026-39820 relates to the Go net/mail package, specifically a quadratic string concatenation in the consumeComment path. This root cause can cause excessive CPU usage and memory allocations when parsing crafted inputs through functions like ParseAddress, ParseAddressList, and ParseDate. The p...

7.5CVSS5.8AI score0.00784EPSS
Exploits0References17Affected Software1
Rows per page
Query Builder