Linux Distros Unpatched Vulnerability : CVE-2026-42500

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image. CVE-2026-42500 Note that Nessus...

CVE-2026-42500 Panic when reading out of bound palette index in golang.org/x/image/bmp

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

GO-2026-4961 Panic when decoding large WEBP image on 32-bit platforms in golang.org/x/image

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

PT-2022-17563 · Unknown · Go-Codec-Dagpb

Name of the Vulnerable Software and Affected Versions: go-codec-dagpb versions prior to 1.3.1 Description: The dag-pb codec can panic when decoding invalid blocks, due to an assumption that the reported link length is accurate. If the block ends before the reported length, it results in a buffer...

UBUNTU-CVE-2020-15106

In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentional...