Lucene search
+L

74 matches found

osv
osv
added 2026/03/18 11:27 a.m.3 views

SUSE-SU-2026:20904-1 Security update for cosign

This update for cosign fixes the following issues: Update to version 3.0.5: - CVE-2026-24122: Fixed improper validation of certificates that outlive expired CA certificates bsc1258542 - CVE-2026-26958: Fixed filippo.io/edwards25519: failure to initialize receiver in MultiScalarMult can produce...

7.5CVSS6.1AI score0.00533EPSS
Exploits4References19
nessus
nessus
added 2026/03/06 12:0 a.m.8 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cosign (SUSE-SU-2026:0777-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0777-1 advisory. Update to version 3.0.5 jscSLE-23879. Security issues fixed: - CVE-2025-11065:...

7.5CVSS6AI score0.00533EPSS
Exploits4References28
github
github
added 2026/01/26 9:30 p.m.8 views

Duplicate Advisory: go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2464-8j7c-4cjm. This link is maintained to preserve external references. Original Description A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using...

5.3CVSS5.7AI score0.00357EPSS
Exploits0References6Affected Software1
osv
osv
added 2026/01/26 9:30 p.m.7 views

GHSA-86RF-68F4-2CPH Duplicate Advisory: go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2464-8j7c-4cjm. This link is maintained to preserve external references. Original Description A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using...

5.3CVSS5.7AI score0.00357EPSS
Exploits0References6
nvd
nvd
added 2026/01/26 8:16 p.m.8 views

CVE-2025-11065

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS0.00357EPSS
Exploits0References4
osv
osv
added 2026/01/26 8:16 p.m.9 views

AZL-75564 CVE-2025-11065 affecting package rook 1.6.2-27

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.10 views

AZL-75440 CVE-2025-11065 affecting package keda 2.14.1-9

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.8 views

AZL-75416 CVE-2025-11065 affecting package docker-compose 2.27.0-6

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.7 views

AZL-75458 CVE-2025-11065 affecting package cri-o for versions less than 1.22.3-20

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.10 views

AZL-75413 CVE-2025-11065 affecting package docker-cli 25.0.7-1

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.6 views

AZL-75407 CVE-2025-11065 affecting package coredns 1.11.4-13

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.10 views

AZL-75557 CVE-2025-11065 affecting package telegraf 1.31.0-12

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.7 views

AZL-75554 CVE-2025-11065 affecting package prometheus for versions less than 2.37.9-7

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.8 views

AZL-75551 CVE-2025-11065 affecting package packer for versions less than 1.9.5-18

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.9 views

AZL-75389 CVE-2025-11065 affecting package cert-manager 1.12.15-4

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.8 views

AZL-75491 CVE-2025-11065 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.9 views

AZL-75372 CVE-2025-11065 affecting package azl-otel-collector 0.127.0-1

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.9 views

AZL-75428 CVE-2025-11065 affecting package influxdb 2.7.5-10

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.8 views

AZL-75530 CVE-2025-11065 affecting package moby-compose for versions less than 2.17.3-14

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.7 views

AZL-75375 CVE-2025-11065 affecting package cri-o 1.30.1-1

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
Rows per page
Query Builder