AZL-56043 CVE-2024-45341 affecting package golang for versions less than 1.22.7-2

A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs...

AZL-47178 CVE-2022-29526 affecting package golang for versions less than 1.22.7-2

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...