Lucene search
+L

12 matches found

OSV
OSV
added 2026/06/10 1:3 a.m.7 views

CLEANSTART-2026-GZ11549 Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations

Multiple security vulnerabilities affect the certificate-transparency-trillian-ctserver package. Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations. See references for individual vulnerability details...

9.8CVSS6.8AI score0.01945EPSS
Exploits4References91
RedHat Linux
RedHat Linux
added 2026/06/04 12:43 p.m.4 views

net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

A flaw was found in the net/mail package of the Go programming language. An attacker could provide specially crafted inputs to the ParseAddress, ParseAddressList, or ParseDate functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service DoS for...

7.5CVSS6.9AI score0.00784EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/09 2:43 a.m.14 views

SUSE CVE-2026-39820

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

7.5CVSS5.8AI score0.00784EPSS
Exploits0References16
OSV
OSV
added 2026/05/07 8:16 p.m.5 views

DEBIAN-CVE-2026-39820

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

7.5CVSS5.8AI score0.00784EPSS
Exploits0References1
NVD
NVD
added 2026/05/07 8:16 p.m.18 views

CVE-2026-39820

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

7.5CVSS0.00784EPSS
Exploits0References22
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/25 4:59 p.m.13 views

Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities

Summary IBM Guardium Data Security Center has addressed these vulnerabilties with an update. Vulnerability Details CVEID:CVE-2021-43784 DESCRIPTION: runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a...

7.5CVSS8.1AI score0.03514EPSS
Exploits2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/03 12:0 a.m.7 views

The vulnerability of the ParseAddressList function in the net/mail package in the Go programming language, which allows attackers to perform spoofing attacks.

The vulnerability of the ParseAddressList function in the net/mail package in the Go programming language is related to insufficient checking of the names displayed by this function. Exploitation of this vulnerability could allow a malicious actor to perform spear-phishing attacks by sending...

7.5CVSS6.6AI score0.01042EPSS
Exploits0References9Affected Software5
OSV
OSV
added 2024/04/12 11:7 a.m.4 views

OESA-2024-1432 golang security update

The Go Programming Language. Security Fixes: The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different...

7.5CVSS7AI score0.01042EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/03/06 4:33 a.m.4 views

SUSE CVE-2024-24784

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

7.5CVSS7.2AI score0.01042EPSS
Exploits0References12
OSV
OSV
added 2024/03/05 11:15 p.m.9 views

UBUNTU-CVE-2024-24784

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

7.5CVSS6.8AI score0.01042EPSS
Exploits0References12
Snyk
Snyk
added 2024/03/05 10:15 p.m.5 views

Improper Neutralization

Overview std/net/mail is a Go standard library package std/net/mail Affected versions of this package are vulnerable to Improper Neutralization. Go Vulnerability Report: The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a...

8.7CVSS6.8AI score0.01042EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/01/12 12:0 a.m.14 views

PT-2024-4460 · Go +9 · Netmail +9

Name of the Vulnerable Software and Affected Versions: net/mail package in Go affected versions not specified Description: The issue is related to the ParseAddressList function, which incorrectly handles comments within display names. This can lead to different trust decisions being made by...

9.8CVSS6.3AI score0.91969EPSS
Exploits2References285
Rows per page
Query Builder