4 matches found
Important: Red Hat Security Advisory: rhc security update
An update for rhc is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
OPENSUSE-SU-2026:20976-1 Security update for go1.26
This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...
CVE-2026-27145 vulnerabilities
Vulnerabilities for packages: cass-operator-fips-no-pvc-delete, aws-iam-authenticator-fips, amazon-eks-ami, prometheus-beat-exporter-fips, rekor-fips, docker-machine-driver-linode, helm-fips, step-ca-fips, eck-operator-fips, traefik-fips, trino, volume-modifier-for-k8s, grafana-mimir,...
UBUNTU-CVE-2026-27145
x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number...