AZL-75500 CVE-2025-11065 affecting package kured for versions less than 1.14.2-7

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

AZL-31972 CVE-2022-32149 affecting package kured for versions less than 1.13.2-1

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

AZL-31963 CVE-2022-27664 affecting package kured for versions less than 1.13.2-1

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error...

AZL-31969 CVE-2022-25891 affecting package kured for versions less than 1.13.2-1

The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service DoS via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages...