Lucene search
+L

14085 matches found

RedHat Linux
RedHat Linux
added 2 days ago6 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS6.9AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2 days ago8 views

crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

A flaw was found in Go's crypto/x509 package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service DoS for...

7.5CVSS6.9AI score0.00349EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2 days ago7 views

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

7.5CVSS6.9AI score0.00615EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2 days ago6 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2 days ago7 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS6.7AI score0.00292EPSS
Exploits0References8
Oracle linux
Oracle linux
added 2 days ago4 views

go-fdo-client and go-fdo-server security update

go-fdo-client 1.0.0-4 - Rebuild to fix CVE-2026-32282 and CVE-2025-68121 1.0.0-3 - Rebuild to fix CVE-2026-32283 go-fdo-server 1.0.1-2 - Rebuild to fix CVE-2026-32282 and CVE-2025-68121 1.0.1-1 - Update to 1.0.1 upstream release - Resolves: RHEL-165475 1.0.0-3 - Rebuild to fix CVE-2026-32283...

10CVSS7.1AI score0.00765EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2 days ago3 views

openSUSE 16 Security Update : go1.25-openssl (openSUSE-SU-2026:21319-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21319-1 advisory. This update for go1.25-openssl fixes the following issues - Update to version go1.25.12 bsc1244485. - CVE-2025-61732: cmd/cgo: discrepancy betwe...

10CVSS6.9AI score0.00939EPSS
Exploits1References94
Github Security Blog
Github Security Blog
added 3 days ago12 views

dd-trace-go: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2Affected Software2
OSV
OSV
added 3 days ago4 views

GHSA-74J5-XF3V-CRQ8 dd-trace-go: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2
Rockylinux
Rockylinux
added 3 days ago4 views

git-lfs security update

An update is available for git-lfs. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git Large File Storage LFS replaces large files such as audio samples, video...

7.5CVSS7AI score0.00813EPSS
Exploits0
Rockylinux
Rockylinux
added 3 days ago5 views

yggdrasil security update

An update is available for yggdrasil. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list yggdrasil is a system daemon that subscribes to topics on an MQTT broker a...

9.6CVSS6.5AI score0.00939EPSS
Exploits0
OSV
OSV
added 3 days ago4 views

RLSA-2026:39272 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME...

7.5CVSS7AI score0.00813EPSS
Exploits0References2
Rockylinux
Rockylinux
added 3 days ago6 views

git-lfs security update

An update is available for git-lfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git Large File Storage LFS replaces large files such as audio samples, videos...

7.5CVSS7AI score0.00813EPSS
Exploits0
Rockylinux
Rockylinux
added 3 days ago4 views

go-toolset:rhel8 security, bug fix, and enhancement update

An update is available for delve, module.delve, module.golang, golang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset provides the Go programming...

9.6CVSS6.5AI score0.00939EPSS
Exploits0
OSV
OSV
added 3 days ago5 views

RLSA-2026:38995 Important: go-toolset:rhel8 security, bug fix, and enhancement update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 crypto/x509: golang: golang crypto/x509: Deni...

8.2CVSS6.5AI score0.00939EPSS
Exploits0References4
OSV
OSV
added 3 days ago5 views

RLSA-2026:39266 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME...

7.5CVSS7AI score0.00813EPSS
Exploits0References2
CVE
CVE
added 3 days ago9 views

CVE-2026-56339

Capgo (Cap-go/capgo) prior to version 12.128.2 is affected by an information disclosure in the Supabase PostgREST SECURITY DEFINER RPC function public.rescind_invitation. The function returns distinct errors (NO_ORG vs NO_RIGHTS) when called with a publishable API key, allowing unauthenticated at...

8.7CVSS6.1AI score0.00276EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 3 days ago8 views

Important: Red Hat Security Advisory: Release of containers for RHOSO 18.0.21

Red Hat OpenStack Services on OpenShift RHOSO 18.0.21 containers are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7.1AI score0.00679EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 3 days ago4 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS6.1AI score0.00813EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 3 days ago4 views

crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application

A flaw was found in the crypto/x509 package within Go golang. When verifying a certificate chain, excluded DNS Domain Name System constraints are not correctly applied to wildcard DNS Subject Alternative Names SANs if the case of the SAN differs from the constraint. This oversight could allow an...

8.8CVSS6.1AI score0.0034EPSS
Exploits0References8
Rows per page
Query Builder