CLEANSTART-2026-SB25660

Import Source

https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-SB25660.json

JSON Data

https://api.osv.dev/v1/vulns/CLEANSTART-2026-SB25660

Upstream

CVE-2025-22871

CVE-2025-4673

CVE-2025-47907

CVE-2025-58183

CVE-2025-58185

CVE-2025-58187

CVE-2025-58188

CVE-2025-58189

CVE-2025-61723

CVE-2025-61724

CVE-2025-61725

GHSA-265R-HFXG-FHMG

GHSA-4VQ8-7JFC-9CVP

GHSA-6V2P-P543-PHR9

GHSA-CGRX-MC8F-2PRM

GHSA-F6X5-JH6R-WRFV

GHSA-HCG3-Q754-CR77

GHSA-J5W8-Q4QC-RX2X

GHSA-M6HQ-P25P-FFR2

GHSA-PWHC-RPQ9-4C8W

GHSA-QXP5-GWG8-XV66

GHSA-V23V-6JW2-98FQ

GHSA-V778-237X-GJRC

GHSA-VVGC-356P-C3XW

GHSA-X84C-P2G9-RQV9

Published

2026-01-30T16:44:27.197226Z

Modified

2026-05-28T22:15:31.762678640Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines

Details

Multiple security vulnerabilities affect the falcosidekick-fips package. The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. See references for individual vulnerability details.

References

Affected packages

CleanStart / falcosidekick-fips

Package

Name: falcosidekick-fips

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.32.0-r0

Database specific

source

"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-SB25660.json"