rpm package
almalinux/yggdrasil-worker-package-manager
pkg:rpm/almalinux/yggdrasil-worker-package-manager
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-25679 | Hig | 7.5 | < 0.2.3-5.el10_1 | 0.2.3-5.el10_1 | Mar 6, 2026 | url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. | |
| CVE-2025-61726 | — | < 0.2.3-4.el10_1 | 0.2.3-4.el10_1 | Jan 28, 2026 | The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a la |
- affected < 0.2.3-5.el10_1fixed 0.2.3-5.el10_1
url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.
- CVE-2025-61726Jan 28, 2026affected < 0.2.3-4.el10_1fixed 0.2.3-4.el10_1
The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a la