EUVD-2024-41742

Malicious code in bioql PyPI...

EulerOS 2.0 SP10 : golang (EulerOS-SA-2025-1798)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization head...

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 1.0.294 Vulnerability Details CVEID:CVE-2024-45338 DESCRIPTION: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to...

Linux Distros Unpatched Vulnerability : CVE-2024-45341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificat...

CBL Mariner 2.0 Security Update: golang / msft-golang (CVE-2024-45341)

The version of golang / msft-golang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45341 advisory. - A certificate with a URI which has a IPv6 address with a zone ID May incorrectly satisfy a URI...

BIT-GOLANG-2024-45341 Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509

A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs...

CVE-2024-45341

A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs...

CVE-2024-45341

A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs...

CVE-2024-45341

CVE-2024-45341 affects Go (golang) components handling X.509 URI name constraints. A certificate URI containing an IPv6 address with a zone ID may incorrectly satisfy the certificate-chain URI constraint, potentially weakening PKI checks in private PKIs that use URIs. The issue is fixed in variou...

GO-2025-3373 Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509

A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs...

PT-2025-2692

Name of the Vulnerable Software and Affected Versions Google Go versions up to 1.22.10/1.23.4 Description A certificate with a URI which has an IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not...