Lucene search
K

9 matches found

RedHat Linux
RedHat Linux
added 2026/04/30 3:3 a.m.15 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.9AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/28 8:36 p.m.12 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.9AI score0.00728EPSS
Exploits0References8
OSV
OSV
added 2026/04/27 4:21 p.m.21 views

CLSA-2026-1777306907 runc: Fix of CVE-2026-25679

Rebuild with Go 1.25.8 to fix Go standard library CVE - CVE-2026-25679: reject invalid IPv6 host literals in net/url.Parse to prevent URL validation bypass...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 11:17 a.m.14 views

CLSA-2026-1777029448 containernetworking-plugins: Fix of CVE-2026-25679

rebuild with newer golang version 1.25.7-1.el96.tuxcare.els2 to fix the following CVE - CVE-2026-25679: reject IPv6 literals not at the start of the host subcomponent in net/url.Parse to prevent URL authority validation bypass...

7.5CVSS5.8AI score0.00728EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/23 5:49 p.m.17 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/21 5:53 p.m.11 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/14 5:11 p.m.4 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to incorrect parse function values in net/url (CVE-2025-47912)

Summary IBM Watson Speech Services Cartridge is vulnerable to a condition in net/url that allows incorrect parse function values other than IPv6 addresses to be included in square brackets within the host component of a URL CVE-2025-47912, Net/url is used in our speech-utilities. This...

5.3CVSS7AI score0.00443EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/13 4:34 p.m.8 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS5.8AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/08 11:31 a.m.3 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References8
Rows per page
Query Builder