14 matches found
Astra Linux - уязвимость в golang-1.19
The ParseAddressList function improperly handles comments text within parentheses within display names. Since this contradicts conforming address parsers, it can lead to different trust decisions being made by programs that use different parsers...
MiracleLinux 8 : container-tools:rhel8 (AXSA:2024-8686:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8686:01 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in...
Comments in display names are incorrectly handled in net/mail
...
Security update for go1.21-openssl
This update for go1.21-openssl fixes the following issues: CVE-2024-24791: Fixed denial of service due to improper 100-continue handling bsc1227314 CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip bsc1225973 CVE-2024-24790: Fixed unexpected behavior from Is...
golang: net/mail: comments in display names are incorrectly handled
A flaw was found in Go's net/mail standard library package. The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using...
golang: net/mail: comments in display names are incorrectly handled
A flaw was found in Go's net/mail standard library package. The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using...
golang: net/mail: comments in display names are incorrectly handled
A flaw was found in Go's net/mail standard library package. The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using...
golang: net/mail: comments in display names are incorrectly handled
A flaw was found in Go's net/mail standard library package. The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using...
golang: net/mail: comments in display names are incorrectly handled
A flaw was found in Go's net/mail standard library package. The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using...
AZL-79048 CVE-2024-24784 affecting package golang 1.25.7-1
The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...
UBUNTU-CVE-2024-24784
The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...
Improper Neutralization
Overview std/net/mail is a Go standard library package std/net/mail Affected versions of this package are vulnerable to Improper Neutralization. Go Vulnerability Report: The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a...
Google Go Security Vulnerability
Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google, Inc. A security vulnerability exists in Google Go that stems from the ParseAddressList function incorrectly handling comments in display names...
PT-2024-4460 · Go +9 · Netmail +9
Name of the Vulnerable Software and Affected Versions: net/mail package in Go affected versions not specified Description: The issue is related to the ParseAddressList function, which incorrectly handles comments within display names. This can lead to different trust decisions being made by...