Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2026/07/01 11:30 a.m.4 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References8
CVE
CVE
added 2026/06/04 4:7 p.m.26 views

CVE-2026-49941

CVE-2026-49941 affects Net::CIDR::Set (Perl) up to version 0.20. The vulnerability arises when add() delegates to _encode() to parse addresses; inputs that aren’t netmasks/ranges are treated as single IPs and recursed as 32/128-bit netmasks. If an argument isn’t a well-formed IP address, this can...

7.5CVSS5.8AI score0.00329EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/20 2:34 a.m.7 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2024/03/04 12:0 a.m.7 views

The vulnerability of the Rack module in the Ruby programming language involves the use of a regular expression c, which has an inefficient computational cost. This allows attackers to trigger a service failure.

The vulnerability of the Ruby interpreter’s Rack module is related to the incorrect handling of invalid URL addresses. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

5.3CVSS6.2AI score0.01996EPSS
Exploits0References13Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/01/12 12:0 a.m.6 views

The vulnerability of the Ruby programming language components rfc2396 parser.rb and rfc3986 parser.rb allows a hacker to cause a service failure.

The vulnerability of the Ruby programming language components rfc2396 Parser.rb and rfc3986 Parser.rb is related to the incorrect handling of invalid URL addresses. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

5.3CVSS6.3AI score0.01698EPSS
Exploits0References9Affected Software8
Rows per page
Query Builder