4 matches found
Amazon Linux 2023 : golist (ALAS2023-2026-1513)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1513 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or...
Amazon Linux 2 : golist, --advisory ALAS2-2026-3138 (ALAS-2026-3138)
The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3138 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP...
Amazon Linux 2 : golist, --advisory ALAS2-2025-3119 (ALAS-2025-3119)
The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3119 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a...
Amazon Linux 2 : golist (ALAS-2025-2922)
The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2922 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information...