4 matches found
Unity Linux 20.1060a / 20.1070a Security Update: grafana (UTSA-2026-007106)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007106 advisory. archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when...
OESA-2026-1702 golang security update
The Go Programming Language. Security Fixes: The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large...
OESA-2026-1699 golang security update
The Go Programming Language. Security Fixes: The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large...
CLSA-2026-1772448200 grafana: Fix of 3 CVEs
rebuild with golang 1.25.7 which fixes the following CVEs - - CVE-2025-61726: fix DoS due to memory exhaustion flaw in net/url parameter parsing - CVE-2025-61728: fix DoS due to CPU exhaustion flaw in archive/zip indexing - CVE-2025-61729: fix DoS due to CPU exhaustion flaw in crypto/x509...