Amazon Linux 2 : golist, --advisory ALAS2-2025-3069 (ALAS-2025-3069)

The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3069 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresse...

Amazon Linux 2 : soci-snapshotter, --advisory ALAS2DOCKER-2025-080 (ALASDOCKER-2025-080)

The version of soci-snapshotter installed on the remote host is prior to 0.11.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-080 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than...

CVE-2025-11412 affecting package gdb for versions less than 11.2-10

CVE-2025-11412 affecting package gdb for versions less than 11.2-10. A patched version of the package is available...

CVE-2021-32256 affecting package gdb for versions less than 11.2-10

CVE-2021-32256 affecting package gdb for versions less than 11.2-10. A patched version of the package is available...

CVE-2025-11083 affecting package gdb for versions less than 11.2-10

CVE-2025-11083 affecting package gdb for versions less than 11.2-10. A patched version of the package is available...

CVE-2025-5244 affecting package gdb for versions less than 11.2-10

CVE-2025-5244 affecting package gdb for versions less than 11.2-10. A patched version of the package is available...

CVE-2025-62689

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service DoS...

CVE-2025-59777

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service DoS...

UBUNTU-CVE-2025-62689

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service DoS...

CVE-2025-62689

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service DoS...

CVE-2025-62689

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service DoS...

CVE-2025-59777

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service DoS...

EUVD-2025-41747

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service DoS...

Important: amazon-cloudwatch-agent

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

GNU libmicrohttpd 安全漏洞

GNU libmicrohttpd is an application from the US GNU community. Runs an HTTP server as part of another application. A security vulnerability exists in GNU libmicrohttpd 1.0.2 and earlier versions, which stems from a null pointer dereference and could lead to a denial of service...

Important: amazon-cloudwatch-agent

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

Important: nerdctl

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

Important: oci-add-hooks

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

GNU libmicrohttpd 代码问题漏洞

GNU libmicrohttpd is an application from the US GNU community. Runs an HTTP server as part of another application. A code issue vulnerability exists in GNU libmicrohttpd 1.0.2 and earlier versions, which stems from the presence of a null pointer dereference that could lead to a denial of service...

Important: runc

Issue Overview: Placeholder CVE. Details forthcoming CVE-2025-31133 net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to b...