| CVE-2025-68121 |
critical |
10.0 |
10.0 |
|
|
|
16d ago |
RHSA-2026:22714: osbuild-composer security update (Important) |
| CVE-2015-5740 |
critical |
9.8 |
9.8 |
|
|
|
9y ago |
Request smuggling due to improper header parsing in net/http |
| CVE-2015-5739 |
critical |
9.8 |
9.8 |
|
|
|
9y ago |
Request smuggling due to improper header parsing in net/http |
| CVE-2023-29403 |
critical |
— |
9.5 |
|
|
|
3y ago |
RHSA-2023:3922: go-toolset:rhel8 security update (Critical) |
| CVE-2025-22871 |
critical |
9.1 |
9.1 |
|
|
|
10mo ago |
Moderate: git-lfs security update |
| CVE-2025-22873 |
low |
— |
2.5 |
|
|
|
4mo ago |
It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open("../") would open the parent directory of the Root. This escape o… |
| CVE-2021-27919 |
low |
— |
2.5 |
|
|
|
5y ago |
archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any fi… |
