Msrc Azl3 Gcc 13.2.0-7 vulnerabilities

CVE-2026-22184 [MEDIUM] CWE-120 zlib <= 1.3.1.2 untgz Global Buffer Overflow in TGZfname() zlib <= 1.3.1.2 untgz Global Buffer Overflow in TGZfname() Mariner: Mariner VulnCheck: VulnCheck Customer Action Required: Yes

CVE-2025-61729 [HIGH] Excessive resource consumption when printing error string for host certificate validation in crypto/x509 Excessive resource consumption when printing error string for host certificate validation in crypto/x509 Mariner: Mariner Go: Go Customer Action Required: Yes

CVE-2025-61724 [MEDIUM] Excessive CPU consumption in Reader.ReadResponse in net/textproto Excessive CPU consumption in Reader.ReadResponse in net/textproto FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie

CVE-2025-58188 [HIGH] Panic when validating certificates with DSA public keys in crypto/x509 Panic when validating certificates with DSA public keys in crypto/x509 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2025-58183 [MEDIUM] Unbounded allocation when parsing GNU sparse map in archive/tar Unbounded allocation when parsing GNU sparse map in archive/tar FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2025-58186 [MEDIUM] Lack of limit when parsing cookies can cause memory exhaustion in net/http Lack of limit when parsing cookies can cause memory exhaustion in net/http FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the op

CVE-2025-22870 [MEDIUM] CWE-115 HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with w

CVE-2025-1744 [CRITICAL] CWE-787 Out-of-bounds Write in radare2 Out-of-bounds Write in radare2 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed t

CVE-2025-1149 [LOW] CWE-401 GNU Binutils ld xmalloc.c xstrdup memory leak GNU Binutils ld xmalloc.c xstrdup memory leak FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2025-1151 [LOW] CWE-401 GNU Binutils ld xmemdup.c xmemdup memory leak GNU Binutils ld xmemdup.c xmemdup memory leak FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2025-1152 [LOW] CWE-401 GNU Binutils ld xstrdup.c xstrdup memory leak GNU Binutils ld xstrdup.c xstrdup memory leak FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed.

CVE-2023-45853 [CRITICAL] CWE-190 MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename comment or extra field. NOTE: MiniZip is not a supported par MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename comment or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vuln

CVE-2023-39325 [HIGH] CWE-770 HTTP/2 rapid reset can cause excessive work in net/http HTTP/2 rapid reset can cause excessive work in net/http FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which t

CVE-2022-41717 [MEDIUM] CWE-770 Excessive memory growth in net/http and golang.org/x/net/http2 Excessive memory growth in net/http and golang.org/x/net/http2 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librar