29 matches found
CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1743)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1743 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...
Linux Distros Unpatched Vulnerability : CVE-2026-39820
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations. CVE-2026-39820...
EUVD-2026-28423
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
UBUNTU-CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
Allocation of Resources Without Limits or Throttling
Overview std/net/mail is a Go standard library package std/net/mail Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger...
PT-2026-38564
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Well-crafted inputs reaching the functions ParseAddress, ParseAddressList, and ParseDate can trigger excessive CPU exhaustion and memory allocations, leading to ...
Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 1.0.311 Vulnerability Details CVEID:CVE-2025-61725 DESCRIPTION: The ParseAddress function constructs domain-literal address components through repeated string concatenatio...
K000159890: Golang vulnerability CVE-2025-61725
Security Advisory Description The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption. CVE-2025-61725 Impact An attacker may be able to exploit this...
CLEANSTART-2026-PB78859 ParseAddress function constructs domain-literal address components through repeated string concatenation
Multiple security vulnerabilities affect the kubevela package. The ParseAddress function constructs domain-literal address components through repeated string concatenation. See references for individual vulnerability details...
CLEANSTART-2026-NF19624 ParseAddress function constructs domain-literal address components through repeated string concatenation
Security vulnerability affects the timoni package. The ParseAddress function constructs domain-literal address components through repeated string concatenation...
CLEANSTART-2026-TY78539 ParseAddress function constructs domain-literal address components through repeated string concatenation
Multiple security vulnerabilities affect the go-fips-1.24 package. The ParseAddress function constructs domain-literal address components through repeated string concatenation. See references for individual vulnerability details...
CLEANSTART-2026-VS64679 ParseAddress function constructs domain-literal address components through repeated string concatenation
Multiple security vulnerabilities affect the go-fips-1.24 package. The ParseAddress function constructs domain-literal address components through repeated string concatenation. See references for individual vulnerability details...
CLEANSTART-2026-PK92575 ParseAddress function constructs domain-literal address components through repeated string concatenation
Security vulnerability affects the wazero package. The ParseAddress function constructs domain-literal address components through repeated string concatenation...
BIT-GOLANG-2025-61725 Excessive CPU consumption in ParseAddress in net/mail
The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...
Excessive CPU consumption in ParseAddress in net/mail
...