Lucene search
K

7 matches found

OSV
OSV
added 2026/01/31 8:43 a.m.3 views

BIT-GOLANG-2025-61726 Memory exhaustion in query parameter parsing in net/url

The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containi...

7.5CVSS7.3AI score0.01945EPSS
Exploits0References273
OSV
OSV
added 2026/01/28 8:16 p.m.5 views

AZL-78925 CVE-2025-61726 affecting package golang 1.25.7-1

The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containi...

7.5CVSS7.2AI score0.01945EPSS
Exploits0References1
OSV
OSV
added 2026/01/28 8:16 p.m.8 views

AZL-75695 CVE-2025-61726 affecting package golang for versions less than 1.24.12-1

The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containi...

7.5CVSS7.2AI score0.01945EPSS
Exploits0References1
NVD
NVD
added 2026/01/28 8:16 p.m.10 views

CVE-2025-61726

The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containi...

7.5CVSS0.01945EPSS
Exploits0References275
OSV
OSV
added 2026/01/28 8:16 p.m.5 views

UBUNTU-CVE-2025-61726

The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containi...

7.5CVSS7.2AI score0.01945EPSS
Exploits0References4
CVE
CVE
added 2026/01/28 7:30 p.m.160 views

CVE-2025-61726

CVE-2025-61726 is tied to Go's net/http ParseForm memory consumption when processing URL query forms. Connected documentation confirms impact on msft-golang packages for versions

7.5CVSS7.3AI score0.01945EPSS
Exploits0References275Affected Software1
OSV
OSV
added 2026/01/28 7:8 p.m.4 views

GO-2026-4341 Memory exhaustion in query parameter parsing in net/url

The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containi...

7.5CVSS5.9AI score0.01945EPSS
Exploits0References3
Rows per page
Query Builder