vulnerability
Oracle Linux: CVE-2025-61729: ELSA-2026-0921: go-toolset:ol8 security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Dec 2, 2025 | Jan 23, 2026 | Feb 11, 2026 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Dec 2, 2025
Added
Jan 23, 2026
Modified
Feb 11, 2026
Description
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
Solutions
oracle-linux-upgrade-delveoracle-linux-upgrade-git-lfsoracle-linux-upgrade-golangoracle-linux-upgrade-golang-binoracle-linux-upgrade-golang-docsoracle-linux-upgrade-golang-miscoracle-linux-upgrade-golang-raceoracle-linux-upgrade-golang-srcoracle-linux-upgrade-golang-testsoracle-linux-upgrade-go-toolsetoracle-linux-upgrade-grafanaoracle-linux-upgrade-grafana-pcporacle-linux-upgrade-grafana-selinuxoracle-linux-upgrade-ipp-usboracle-linux-upgrade-osbuild-composeroracle-linux-upgrade-osbuild-composer-coreoracle-linux-upgrade-osbuild-composer-worker
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.