74 matches found
EUVD-2025-29426
Malicious code in bioql PyPI...
EUVD-2025-29481
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-11065
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information...
GO-2025-3900 Go-viper's mapstructure May Leak Sensitive Information in Logs in github.com/go-viper/mapstructure
Go-viper's mapstructure May Leak Sensitive Information in Logs in github.com/go-viper/mapstructure...
Fedora 41 : toolbox (2025-ab370b9ac9)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-ab370b9ac9 advisory. Security fixes Bumped the minimum github.com/go-viper/mapstructure/v2 version to 2.3.0 for GHSA-fv92-fjc5-jj9h or GO-2025-3787 Bumped the minimum...
Improper Output Neutralization for Logs
Overview Affected versions of this package are vulnerable to Improper Output Neutralization for Logs via the WeakDecode function when handling malformed input data. An attacker can cause sensitive information to be included in error logs by submitting specially crafted input that triggers error...
GHSA-2464-8J7C-4CJM go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data
Summary Use of this library in a security-critical context may result in leaking sensitive information, if used to process sensitive fields. Details OpenBao and presumably HashiCorp Vault have surfaced error messages from mapstructure as follows:...
Improper Output Neutralization for Logs
Overview Affected versions of this package are vulnerable to Improper Output Neutralization for Logs via the WeakDecode function when handling malformed input data. An attacker can cause sensitive information to be included in error logs by submitting specially crafted input that triggers error...
go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data
Summary Use of this library in a security-critical context may result in leaking sensitive information, if used to process sensitive fields. Details OpenBao and presumably HashiCorp Vault have surfaced error messages from mapstructure as follows:...
Fedora 42 : toolbox (2025-e41c694c83)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e41c694c83 advisory. Security fixes Bumped the minimum github.com/go-viper/mapstructure/v2 version to 2.3.0 for GHSA-fv92-fjc5-jj9h or GO-2025-3787 Bumped the minimum...
GHSA-FV92-FJC5-JJ9H mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data
Summary Use of this library in a security-critical context may result in leaking sensitive information, if used to process sensitive fields. Details OpenBao and presumably HashiCorp Vault have surfaced error messages from mapstructure as follows:...
mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data
Summary Use of this library in a security-critical context may result in leaking sensitive information, if used to process sensitive fields. Details OpenBao and presumably HashiCorp Vault have surfaced error messages from mapstructure as follows:...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File when processing malformed data. An attacker can access sensitive information by submitting specially crafted malformed input that causes error messages to include confidential data in...
PT-2025-42407
Name of the Vulnerable Software and Affected Versions golang-github-go-viper-mapstructure affected versions not specified Description The software may leak sensitive information in logs. The package golang-github-go-viper-mapstructure in Debian Linux is affected. Recommendations At the moment,...