PT-2026-38569 · Go+8 · Go+80
Thatnealpatel
·
Published
2026-04-28
·
Updated
2026-05-21
·
CVE-2026-42499
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
The product name cannot be determined (affected versions not specified)
Description
Pathological inputs can cause a Denial of Service (DoS) during the parsing of email addresses according to RFC 5322. This issue occurs within the
consumePhrase() function.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Go
Aws-Privateca-Issuer
Aws-Privateca-Issuer-Fips
Cert-Manager
Cert-Manager-Cmctl-Fips
Cert-Manager-Webhook-Pdns-Fips
Cilium
Cloudnative-Pg-Fips
Configmap-Reload
Confluent-Cp-Docker-Utils
Confluent-Kafka
Druid-Exporter-Fips
Elastic-Beats
Go1.25
Go1.26
Golang
Golang-1.10
Golang-1.13
Golang-1.14
Golang-1.15
Golang-1.16
Golang-1.17
Golang-1.18
Golang-1.19
Golang-1.20
Golang-1.21
Golang-1.22
Golang-1.23
Golang-1.24
Golang-1.25
Golang-1.26
Golang-1.6
Golang-1.8
Golang-1.9
Gptscript
Ingress-Nginx-Controller-1.15
K8Ssandra-Client-Fips
Karpenter
Karpenter-Fips
Keda
Keda-Fips
Kubernetes Dashboard
Kubernetes-Dashboard-Fips
Kubernetes-Dashboard-Web
Kubernetes-Dns-Node-Cache
Kubernetes-Fips
Kyverno-Fips
Linkerd2
Mailpit
Metacontroller
Minio-Operator-Fips
Modelmesh-Runtime-Adapter
Mongodb
Netmail
Opensearch-K8S-Operator-Fips
Percona-Xtradb-Cluster-Operator-Fips
Prometheus
Prometheus-Mysqld-Exporter
Prometheus-Operator
Prometheus-Redis-Exporter-Fips
Rabbitmq-Cluster-Operator
Rabbitmq-Messaging-Topology-Operator
Rclone
Restic-Fips
Sealed-Secrets
Spark-Operator
Stdlib
Terragrunt-Fips
Trino
Velero
Velero-Fips
Velero-Plugin-For-Gcp-Fips
Velero-Plugin-For-Microsoft-Azure-Fips
Wave
Wave-Fips
Weaviate
Weaviate-Fips
Yunikorn-K8Shim
Yunikorn-K8Shim-Fips
Yunikorn-Web-Fips
Zot