Lucene search
+L

74 matches found

osv
osv
added 2026/03/18 11:27 a.m.3 views

SUSE-SU-2026:20904-1 Security update for cosign

This update for cosign fixes the following issues: Update to version 3.0.5: - CVE-2026-24122: Fixed improper validation of certificates that outlive expired CA certificates bsc1258542 - CVE-2026-26958: Fixed filippo.io/edwards25519: failure to initialize receiver in MultiScalarMult can produce...

7.5CVSS6.1AI score0.00533EPSS
Exploits4References19
nessus
nessus
added 2026/03/06 12:0 a.m.8 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cosign (SUSE-SU-2026:0777-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0777-1 advisory. Update to version 3.0.5 jscSLE-23879. Security issues fixed: - CVE-2025-11065:...

7.5CVSS6AI score0.00533EPSS
Exploits4References28
osv
osv
added 2026/01/26 9:30 p.m.7 views

GHSA-86RF-68F4-2CPH Duplicate Advisory: go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2464-8j7c-4cjm. This link is maintained to preserve external references. Original Description A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using...

5.3CVSS5.7AI score0.00357EPSS
Exploits0References6
github
github
added 2026/01/26 9:30 p.m.7 views

Duplicate Advisory: go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2464-8j7c-4cjm. This link is maintained to preserve external references. Original Description A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using...

5.3CVSS5.7AI score0.00357EPSS
Exploits0References6Affected Software1
osv
osv
added 2026/01/26 8:16 p.m.8 views

AZL-75413 CVE-2025-11065 affecting package docker-cli 25.0.7-1

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.7 views

AZL-75389 CVE-2025-11065 affecting package cert-manager 1.12.15-4

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.7 views

AZL-75491 CVE-2025-11065 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
nvd
nvd
added 2026/01/26 8:16 p.m.8 views

CVE-2025-11065

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS0.00357EPSS
Exploits0References4
osv
osv
added 2026/01/26 8:16 p.m.7 views

AZL-75410 CVE-2025-11065 affecting package docker-buildx 0.14.0-8

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.5AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.7 views

AZL-75560 CVE-2025-11065 affecting package vitess 19.0.4-7

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.5AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.6 views

AZL-75488 CVE-2025-11065 affecting package keda for versions less than 2.4.0-32

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.5AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.7 views

AZL-75369 CVE-2025-11065 affecting package podman 4.1.1-26

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.5AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.7 views

AZL-75458 CVE-2025-11065 affecting package cri-o for versions less than 1.22.3-20

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.6 views

AZL-75545 CVE-2025-11065 affecting package opa for versions less than 0.63.0-6

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.8 views

AZL-75425 CVE-2025-11065 affecting package cert-manager for versions less than 1.11.2-27

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.6 views

AZL-75554 CVE-2025-11065 affecting package prometheus for versions less than 2.37.9-7

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.6 views

AZL-75576 CVE-2025-11065 affecting package telegraf for versions less than 1.29.4-21

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.9 views

AZL-75476 CVE-2025-11065 affecting package packer 1.9.5-11

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.10 views

AZL-75527 CVE-2025-11065 affecting package moby-cli for versions less than 24.0.9-8

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
osv
osv
added 2026/01/26 8:16 p.m.8 views

AZL-75479 CVE-2025-11065 affecting package influxdb for versions less than 2.6.1-30

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
Rows per page
Query Builder