97 matches found
OPENSUSE-SU-2026:20902-1 Security update for keybase-client
This update for keybase-client fixes the following issues: Changes in keybase-client: - golang.org/x/crypto/ssh: Fixed multiple issues: CVE-2026-39827, CVE-2026-39834, CVE-2026-39828, CVE-2026-39829, CVE-2026-39831, CVE-2026-42508, CVE-2026-39833, CVE-2026-39830, CVE-2026-39832, CVE-2026-46597,...
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1743)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1743 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...
RHEL 9 : golang (RHSA-2026:19181)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19181 advisory. The golang packages provide the Go programming language compiler. Security Fixes: crypto/x509: Incorrect enforcement of email constraints i...
MGASA-2026-0143 Updated golang packages fix security vulnerabilities
We are moving to a supported branch as ver. 1.24 reaches EOL. This update comes with the security vulnerabilities fixed in the 1.25 branch. Please see the links for details...
Updated golang packages fix security vulnerabilities
We are moving to a supported branch as ver. 1.24 reaches EOL. This update comes with the security vulnerabilities fixed in the 1.25 branch. Please see the links for details...
RHEL 9 : golang (RHSA-2026:16497)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16497 advisory. The golang packages provide the Go programming language compiler. Security Fixes: cmd/go: golang: Go golang and cmd/go: Arbitrary Code Execution via...
RHEL 9 : golang (RHSA-2026:7833)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7833 advisory. The golang packages provide the Go programming language compiler. Security Fixes: cmd/go: cmd/go: Arbitrary file write via malicious...
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1482)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1482 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or...
Medium: golang
Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...
RHEL 10 : golang (RHSA-2026:5941)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5941 advisory. The golang packages provide the Go programming language compiler. Security Fixes: cmd/go: cmd/go: Arbitrary file write via malicious...
RHEL 9 : golang (RHSA-2026:3472)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3472 advisory. The golang packages provide the Go programming language compiler. Security Fixes: golang: archive/zip: Excessive CPU consumption when buildi...
ALSA-2026:3668 Important: go-rpm-macros security update
This package provides build-stage rpm automation to simplify the creation of Go language golang packages. It does not need to be included in the default build root: go-srpm-macros will pull it in for Go packages only. Security Fixes: golang: net/url: Memory exhaustion in query parameter parsing i...
RHEL 9 : golang (RHSA-2026:3473)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3473 advisory. The golang packages provide the Go programming language compiler. Security Fixes: golang: archive/zip: Excessive CPU consumption when buildi...
RockyLinux 10 : golang-github-openprinting-ipp-usb (RLSA-2026:3092)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3092 advisory. golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls...
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1438)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1438 advisory. A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary. CVE-2025-61732 Tenable has extracted the preceding description block directly from...
RHEL 10 : golang (RHSA-2026:2706)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2706 advisory. The golang packages provide the Go programming language compiler. Security Fixes: golang: archive/zip: Excessive CPU consumption when...
Linux Distros Unpatched Vulnerability : CVE-2025-61726
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited b...
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2025-1323)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1323 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf...
RHEL 9 : golang (RHSA-2025:21336)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21336 advisory. The golang packages provide the Go programming language compiler. Security Fixes: database/sql: Postgres Scan Race Condition CVE-2025-47907 For more...
RHEL 9 : golang (RHSA-2025:19397)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:19397 advisory. The golang packages provide the Go programming language compiler. Security Fixes: database/sql: Postgres Scan Race Condition CVE-2025-47907 For more...