9 matches found
Unity Linux 20.1070a Security Update: osbuild-composer (UTSA-2026-016497)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016497 advisory. The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the...
CLEANSTART-2026-MI26424 net/url package does not set a limit on the number of query parameters in a query
Multiple security vulnerabilities affect the cert-manager package. The net/url package does not set a limit on the number of query parameters in a query. See references for individual vulnerability details...
golang: net/url: Memory exhaustion in query parameter parsing in net/url
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...
CLEANSTART-2026-RD09851 net/url package does not set a limit on the number of query parameters in a query
Multiple security vulnerabilities affect the prometheus-operator package. The net/url package does not set a limit on the number of query parameters in a query. See references for individual vulnerability details...
golang: net/url: Memory exhaustion in query parameter parsing in net/url
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...
CVE-2025-61726
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...
UBUNTU-CVE-2025-61726
The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containi...
CVE-2025-61726
The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containi...
Allocation of Resources Without Limits or Throttling
Overview std/net/url is a Go standard library package std/net/url Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: The net/url package does not set a limit on the number of query parameters in a query. While the...