CLEANSTART-2026-GZ11549

See a problem?
Import Source
https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-GZ11549.json
JSON Data
https://api.osv.dev/v1/vulns/CLEANSTART-2026-GZ11549
Upstream
  • CVE-2026-25679
  • CVE-2026-27139
  • CVE-2026-27140
  • CVE-2026-27142
  • CVE-2026-27143
  • CVE-2026-27144
  • CVE-2026-29181
  • CVE-2026-32280
  • CVE-2026-32281
  • CVE-2026-32282
  • CVE-2026-32283
  • CVE-2026-32288
  • CVE-2026-32289
  • CVE-2026-33810
  • CVE-2026-33811
  • CVE-2026-33814
  • CVE-2026-33816
  • CVE-2026-39817
  • CVE-2026-39819
  • CVE-2026-39820
  • CVE-2026-39823
  • CVE-2026-39825
  • CVE-2026-39826
  • CVE-2026-39836
  • CVE-2026-40179
  • CVE-2026-41889
  • CVE-2026-42151
  • CVE-2026-42154
  • CVE-2026-42499
  • CVE-2026-42501
  • CVE-2026-44903
  • ghsa-9jj7-4m8r-rfcm
  • ghsa-f6x5-jh6r-wrfv
  • ghsa-fw7p-63qq-7hpr
  • ghsa-fw8g-cg8f-9j28
  • ghsa-j5w8-q4qc-rx2x
  • ghsa-j88v-2chj-qfwx
  • ghsa-mh2q-q3fh-2475
  • ghsa-p77j-4mvh-x3m3
  • ghsa-vffh-x6r8-xx99
  • ghsa-wg65-39gg-5wfj
Published
2026-06-10T01:03:54.943567Z
Modified
2026-06-22T09:45:08.715294924Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations
Details

Multiple security vulnerabilities affect the certificate-transparency-trillian-ctserver package. Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations. See references for individual vulnerability details.

References

Affected packages

CleanStart / certificate-transparency-trillian-ctserver

Package

Name
certificate-transparency-trillian-ctserver

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.2-r2

Database specific

source 
"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-GZ11549.json"