VYPR

rpm package

almalinux/go-rpm-macros

pkg:rpm/almalinux/go-rpm-macros

Vulnerabilities (3)

  • CVE-2026-25679HigMar 6, 2026
    affected < 3.6.0-14.el9_7fixed 3.6.0-14.el9_7

    url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.

  • CVE-2025-61726Jan 28, 2026
    affected < 3.6.0-13.el9_7fixed 3.6.0-13.el9_7

    The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a la

  • CVE-2025-47906Sep 18, 2025
    affected < 3.6.0-12.el9_7fixed 3.6.0-12.el9_7

    If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.