Lucene search
K

9 matches found

OSV
OSV
added 2026/03/03 9:24 p.m.12 views

CLSA-2026-1772573053 butane: Fix of CVE-2025-61729

rebuilt with golang = 1.25.7-1.tuxcare.els1 to address the following security issues: - CVE-2025-61729...

7.5CVSS7.2AI score0.00459EPSS
Exploits2References1
Oracle linux
Oracle linux
added 2026/02/16 12:0 a.m.8 views

golang security update

1.25.7-1 - Rebase to latest rhel-10-main 170a5b7e084...

10CVSS5.5AI score0.01945EPSS
Exploits2
OSV
OSV
added 2026/02/05 4:15 a.m.5 views

AZL-78937 CVE-2025-61732 affecting package golang 1.25.7-1

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...

8.6CVSS5.8AI score0.00472EPSS
Exploits0References1
OSV
OSV
added 2026/01/28 8:16 p.m.4 views

AZL-78933 CVE-2025-61730 affecting package golang 1.25.7-1

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.3CVSS6.6AI score0.00276EPSS
Exploits0References1
OSV
OSV
added 2025/10/29 11:16 p.m.5 views

AZL-78911 CVE-2025-58186 affecting package golang 1.25.7-1

Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption...

5.3CVSS7.2AI score0.00534EPSS
Exploits0References1
OSV
OSV
added 2025/04/08 8:15 p.m.10 views

AZL-78982 CVE-2025-22871 affecting package golang 1.25.7-1

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext...

9.1CVSS6.7AI score0.00724EPSS
Exploits0References1
OSV
OSV
added 2024/05/08 4:15 p.m.6 views

AZL-79020 CVE-2024-24788 affecting package golang 1.25.7-1

A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop...

5.9CVSS6.8AI score0.01001EPSS
Exploits0References1
OSV
OSV
added 2023/10/05 9:15 p.m.5 views

AZL-78984 CVE-2023-39323 affecting package golang 1.25.7-1

Line directives "//line" can be used to bypass the restrictions on "//go:cgo" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of...

8.1CVSS7.1AI score0.01762EPSS
Exploits0References1
OSV
OSV
added 2023/05/11 4:15 p.m.6 views

AZL-79082 CVE-2023-24540 affecting package golang 1.25.7-1

Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution...

9.8CVSS6.6AI score0.01548EPSS
Exploits0References1
Rows per page
Query Builder