rpm package
suse/go1.26&distro=SUSE Linux Enterprise Server for SAP applications 16.0
pkg:rpm/suse/go1.26&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-42507 | Med | 5.3 | < 1.26.4-160000.1.1 | 1.26.4-160000.1.1 | Jun 2, 2026 | When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged. | |
| CVE-2026-42504 | Hig | 7.5 | < 1.26.4-160000.1.1 | 1.26.4-160000.1.1 | Jun 2, 2026 | Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU. | |
| CVE-2026-27145 | Med | 6.5 | < 1.26.4-160000.1.1 | 1.26.4-160000.1.1 | Jun 2, 2026 | (*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratic |
- affected < 1.26.4-160000.1.1fixed 1.26.4-160000.1.1
When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged.
- affected < 1.26.4-160000.1.1fixed 1.26.4-160000.1.1
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU.
- affected < 1.26.4-160000.1.1fixed 1.26.4-160000.1.1
(*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratic