Lucene search
K

12 matches found

RedHat Linux
RedHat Linux
added 2026/05/19 4:21 p.m.14 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/01 11:23 a.m.5 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.6 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the insufficient validation of host/authors during the url.Parse function. This allo...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.6 views

PT-2026-21652

Name of the Vulnerable Software and Affected Versions Craft versions 4.5.0-RC1 through 4.16.18 Craft versions 5.0.0-RC1 through 5.8.22 Description Craft is a content management system CMS. The SSRF validation in Craft CMS’s GraphQL Asset mutation uses gethostbyname, which only resolves IPv4...

7.1CVSS5.2AI score0.00427EPSS
Exploits2References16
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-3040

Malware in sbrugna...

5.7CVSS6.4AI score0.00647EPSS
Exploits0References2
OSV
OSV
added 2025/01/31 5:51 p.m.18 views

PSF-2025-1

The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...

6.3CVSS6.5AI score0.01499EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2025/01/30 12:0 a.m.11 views

openSUSE Security Advisory (SUSE-SU-2025:0285-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.8AI score0.00685EPSS
Exploits0References8
OSV
OSV
added 2025/01/29 2:31 p.m.14 views

SUSE-SU-2025:0285-1 Security update for go1.24

This update for go1.24 fixes the following issues: This update ships go1.24rc2 bsc1236217. - CVE-2024-45341: Properly check for IPv6 hosts in URIs bsc1236045 - CVE-2024-45336: Persist header stripping across repeated redirects bsc1236046 - CVE-2025-22865: Avoid panic when parsing partial PKCS1...

8.8CVSS6.9AI score0.00685EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/01/29 12:0 a.m.14 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.24 (SUSE-SU-2025:0285-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0285-1 advisory. This update ships go1.24rc2 bsc1236217. - CVE-2024-45341: Properly check for IPv6 hosts in URIs...

8.8CVSS6.6AI score0.00685EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2025/01/29 12:0 a.m.14 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.23 (SUSE-SU-2025:0280-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0280-1 advisory. - Update to go1.23.5 bsc1229122 - CVE-2024-45341: Properly check for IPv6 hosts in URIs bsc12360...

6.1CVSS6.6AI score0.00647EPSS
Exploits0References8
Cvelist
Cvelist
added 2014/04/23 10:0 a.m.25 views

CVE-2012-3062

Cisco IOS before 15.11SY, when Multicast Listener Discovery MLD snooping is enabled, allows remote attackers to cause a denial of service CPU consumption or device crash via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193...

6.7AI score0.00647EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.46 views

Ubuntu Update for linux-source-2.6.17 vulnerabilities USN-486-1

Ubuntu Update for Linux kernel vulnerabilities USN-486-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4861.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.17 vulnerabilities USN-486-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

7.8CVSS0.8AI score0.05035EPSS
Exploits16References2
Rows per page
Query Builder