CVE-2025-11065

CVE-2025-11065 affects github.com/go-viper/mapstructure/v2, where the field processing using mapstructure.WeakDecode may disclose input values through detailed error messages. Public sources corroborate the issue and its remediation. Fedora advisories indicate the fix is to upgrade mapstructure t...

mapstructure security vulnerability

MapStructure is a Go language library developed by Viper. There is a security vulnerability in MapStructure. This vulnerability arises from the use of MapStructure.WeakDecode; errors during this process may lead to sensitive input values being leaked, potentially causing information leaks...

Improper Output Neutralization for Logs

Overview Affected versions of this package are vulnerable to Improper Output Neutralization for Logs via the WeakDecode function when handling malformed input data. An attacker can cause sensitive information to be included in error logs by submitting specially crafted input that triggers error...

Improper Output Neutralization for Logs

Overview Affected versions of this package are vulnerable to Improper Output Neutralization for Logs via the WeakDecode function when handling malformed input data. An attacker can cause sensitive information to be included in error logs by submitting specially crafted input that triggers error...