Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: nltk-data.toolbox

Found 1 matching suggestions

Untriaged
Permalink CVE-2025-11065
created 2 weeks, 2 days ago
Github.com/go-viper/mapstructure/v2: go-viper's mapstructure may leak sensitive information in logs in github.com/go-viper/mapstructure

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in security-critical contexts.

Affected products

podman
toolbox
openshift
microshift
gvisor-tap-vsock
rhtas/cosign-rhel9
rhtas/fulcio-rhel9
devspaces/udi-rhel9
rhtas/gitsign-rhel9
rhtas/rekor-cli-rhel9
devspaces/traefik-rhel9
opentelemetry-collector
devspaces/udi-base-rhel9
rhacm2/acm-grafana-rhel9
rhoai/odh-rhel9-operator
rhtas/rekor-server-rhel9
openshift-pipelines-client
openshift4/ose-helm-operator
redhat-certification-preflight
rhoai/odh-model-registry-rhel9
openshift-gitops-1/argocd-rhel8
openshift-gitops-1/argocd-rhel9
rhtas/timestamp-authority-rhel9
rhacm2/submariner-rhel9-operator
rhtas/rekor-backfill-redis-rhel9
openshift4/ose-helm-rhel9-operator
github.com/go-viper/mapstructure/v2
  • <2.4.0
rhosdt/opentelemetry-collector-rhel8
rhtap-task-runner/rhtap-task-runner-rhel9
advanced-cluster-security/rhacs-main-rhel8
advanced-cluster-security/rhacs-roxctl-rhel8
advanced-cluster-security/rhacs-rhel8-operator
advanced-cluster-security/rhacs-central-db-rhel8
advanced-cluster-security/rhacs-scanner-v4-rhel8
advanced-cluster-security/rhacs-scanner-v4-db-rhel8
zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9
zero-trust-workload-identity-manager/spiffe-spire-server-rhel9
zero-trust-workload-identity-manager/spiffe-spire-oidc-discovery-provider-rhel9
zero-trust-workload-identity-manager/zero-trust-workload-identity-manager-rhel9

Matching in nixpkgs

Package maintainers