Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-32283 (GCVE-0-2026-32283)
Vulnerability from cvelistv5 – Published: 2026-04-08 01:06 – Updated: 2026-04-13 18:19
VLAI?
EPSS
Title
Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls
Summary
If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.
Severity ?
7.5 (High)
CWE
- CWE-667 - Improper Locking
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | crypto/tls |
Affected:
0 , < 1.25.9
(semver)
Affected: 1.26.0-0 , < 1.26.2 (semver) |
Credits
Jakub Ciolek - https://ciolek.dev/
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-32283",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-13T17:51:46.207289Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T18:19:55.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "crypto/tls",
"product": "crypto/tls",
"programRoutines": [
{
"name": "Conn.handleKeyUpdate"
},
{
"name": "clientHandshakeStateTLS13.establishHandshakeKeys"
},
{
"name": "clientHandshakeStateTLS13.readServerFinished"
},
{
"name": "serverHandshakeStateTLS13.sendServerParameters"
},
{
"name": "serverHandshakeStateTLS13.readClientFinished"
},
{
"name": "Conn.Handshake"
},
{
"name": "Conn.HandshakeContext"
},
{
"name": "Conn.Read"
},
{
"name": "Conn.Write"
},
{
"name": "Dial"
},
{
"name": "DialWithDialer"
},
{
"name": "Dialer.Dial"
},
{
"name": "Dialer.DialContext"
},
{
"name": "QUICConn.HandleData"
},
{
"name": "QUICConn.Start"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.25.9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.26.2",
"status": "affected",
"version": "1.26.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jakub Ciolek - https://ciolek.dev/"
}
],
"descriptions": [
{
"lang": "en",
"value": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-667: Improper Locking",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T01:06:57.670Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/763767"
},
{
"url": "https://go.dev/issue/78334"
},
{
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"title": "Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-32283",
"datePublished": "2026-04-08T01:06:57.670Z",
"dateReserved": "2026-03-11T16:38:46.556Z",
"dateUpdated": "2026-04-13T18:19:55.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-32283",
"date": "2026-05-06",
"epss": "0.00017",
"percentile": "0.04293"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-32283\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-04-08T02:16:03.580\",\"lastModified\":\"2026-04-16T19:12:10.540\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.25.9\",\"matchCriteriaId\":\"C6C9C072-9817-402D-877F-F83584B07017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.26.0\",\"versionEndExcluding\":\"1.26.2\",\"matchCriteriaId\":\"39FE9BAF-55E9-43AA-B14E-239E7EF1D65D\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/763767\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/78334\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU\",\"source\":\"security@golang.org\",\"tags\":[\"Release Notes\",\"Mailing List\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-4870\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-32283\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-13T17:51:46.207289Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-13T17:51:42.115Z\"}}], \"cna\": {\"title\": \"Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls\", \"credits\": [{\"lang\": \"en\", \"value\": \"Jakub Ciolek - https://ciolek.dev/\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"crypto/tls\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.25.9\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.26.0-0\", \"lessThan\": \"1.26.2\", \"versionType\": \"semver\"}], \"packageName\": \"crypto/tls\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Conn.handleKeyUpdate\"}, {\"name\": \"clientHandshakeStateTLS13.establishHandshakeKeys\"}, {\"name\": \"clientHandshakeStateTLS13.readServerFinished\"}, {\"name\": \"serverHandshakeStateTLS13.sendServerParameters\"}, {\"name\": \"serverHandshakeStateTLS13.readClientFinished\"}, {\"name\": \"Conn.Handshake\"}, {\"name\": \"Conn.HandshakeContext\"}, {\"name\": \"Conn.Read\"}, {\"name\": \"Conn.Write\"}, {\"name\": \"Dial\"}, {\"name\": \"DialWithDialer\"}, {\"name\": \"Dialer.Dial\"}, {\"name\": \"Dialer.DialContext\"}, {\"name\": \"QUICConn.HandleData\"}, {\"name\": \"QUICConn.Start\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/763767\"}, {\"url\": \"https://go.dev/issue/78334\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-4870\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-667: Improper Locking\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-04-08T01:06:57.670Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-32283\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-13T18:19:55.848Z\", \"dateReserved\": \"2026-03-11T16:38:46.556Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-04-08T01:06:57.670Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:14200
Vulnerability from csaf_redhat - Published: 2026-05-06 15:34 - Updated: 2026-05-07 02:29Summary
Red Hat Security Advisory: git-lfs security update
Severity
Important
Notes
Topic: An update for git-lfs is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server.
Security Fix(es):
* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:14200
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:14200
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:14200
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for git-lfs is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server.\n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:14200",
"url": "https://access.redhat.com/errata/RHSA-2026:14200"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14200.json"
}
],
"title": "Red Hat Security Advisory: git-lfs security update",
"tracking": {
"current_release_date": "2026-05-07T02:29:05+00:00",
"generator": {
"date": "2026-05-07T02:29:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:14200",
"initial_release_date": "2026-05-06T15:34:47+00:00",
"revision_history": [
{
"date": "2026-05-06T15:34:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-06T15:34:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T02:29:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"product": {
"name": "git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"product_id": "git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs@3.6.1-8.el9_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64",
"product": {
"name": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64",
"product_id": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debugsource@3.6.1-8.el9_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"product": {
"name": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"product_id": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debuginfo@3.6.1-8.el9_7.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "git-lfs-0:3.6.1-8.el9_7.1.s390x",
"product": {
"name": "git-lfs-0:3.6.1-8.el9_7.1.s390x",
"product_id": "git-lfs-0:3.6.1-8.el9_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs@3.6.1-8.el9_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"product": {
"name": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"product_id": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debugsource@3.6.1-8.el9_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"product": {
"name": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"product_id": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debuginfo@3.6.1-8.el9_7.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "git-lfs-0:3.6.1-8.el9_7.1.src",
"product": {
"name": "git-lfs-0:3.6.1-8.el9_7.1.src",
"product_id": "git-lfs-0:3.6.1-8.el9_7.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs@3.6.1-8.el9_7.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"product": {
"name": "git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"product_id": "git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs@3.6.1-8.el9_7.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"product": {
"name": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"product_id": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debugsource@3.6.1-8.el9_7.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"product": {
"name": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"product_id": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debuginfo@3.6.1-8.el9_7.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"product": {
"name": "git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"product_id": "git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs@3.6.1-8.el9_7.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"product": {
"name": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"product_id": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debugsource@3.6.1-8.el9_7.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"product": {
"name": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"product_id": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debuginfo@3.6.1-8.el9_7.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-0:3.6.1-8.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.aarch64"
},
"product_reference": "git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-0:3.6.1-8.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.ppc64le"
},
"product_reference": "git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-0:3.6.1-8.el9_7.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.s390x"
},
"product_reference": "git-lfs-0:3.6.1-8.el9_7.1.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-0:3.6.1-8.el9_7.1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.src"
},
"product_reference": "git-lfs-0:3.6.1-8.el9_7.1.src",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-0:3.6.1-8.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.x86_64"
},
"product_reference": "git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64"
},
"product_reference": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le"
},
"product_reference": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x"
},
"product_reference": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64"
},
"product_reference": "git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64"
},
"product_reference": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le"
},
"product_reference": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x"
},
"product_reference": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64"
},
"product_reference": "git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T15:34:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14200"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T15:34:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14200"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T15:34:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14200"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:git-lfs-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debuginfo-0:3.6.1-8.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:git-lfs-debugsource-0:3.6.1-8.el9_7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:11881
Vulnerability from csaf_redhat - Published: 2026-04-29 19:06 - Updated: 2026-05-07 02:29Summary
Red Hat Security Advisory: grafana-pcp security update
Severity
Important
Notes
Topic: An update for grafana-pcp is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.
Security Fix(es):
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11881
References
| URL | Category | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for grafana-pcp is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.\n\nSecurity Fix(es):\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11881",
"url": "https://access.redhat.com/errata/RHSA-2026:11881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11881.json"
}
],
"title": "Red Hat Security Advisory: grafana-pcp security update",
"tracking": {
"current_release_date": "2026-05-07T02:29:02+00:00",
"generator": {
"date": "2026-05-07T02:29:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:11881",
"initial_release_date": "2026-04-29T19:06:36+00:00",
"revision_history": [
{
"date": "2026-04-29T19:06:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-29T19:06:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T02:29:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.3.0-4.el10_1.src",
"product": {
"name": "grafana-pcp-0:5.3.0-4.el10_1.src",
"product_id": "grafana-pcp-0:5.3.0-4.el10_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.3.0-4.el10_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.3.0-4.el10_1.aarch64",
"product": {
"name": "grafana-pcp-0:5.3.0-4.el10_1.aarch64",
"product_id": "grafana-pcp-0:5.3.0-4.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.3.0-4.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.aarch64",
"product": {
"name": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.aarch64",
"product_id": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debugsource@5.3.0-4.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.aarch64",
"product": {
"name": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.aarch64",
"product_id": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debuginfo@5.3.0-4.el10_1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.3.0-4.el10_1.ppc64le",
"product": {
"name": "grafana-pcp-0:5.3.0-4.el10_1.ppc64le",
"product_id": "grafana-pcp-0:5.3.0-4.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.3.0-4.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.ppc64le",
"product": {
"name": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.ppc64le",
"product_id": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debugsource@5.3.0-4.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.ppc64le",
"product": {
"name": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.ppc64le",
"product_id": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debuginfo@5.3.0-4.el10_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.3.0-4.el10_1.s390x",
"product": {
"name": "grafana-pcp-0:5.3.0-4.el10_1.s390x",
"product_id": "grafana-pcp-0:5.3.0-4.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.3.0-4.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.s390x",
"product": {
"name": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.s390x",
"product_id": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debugsource@5.3.0-4.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.s390x",
"product": {
"name": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.s390x",
"product_id": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debuginfo@5.3.0-4.el10_1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.3.0-4.el10_1.x86_64",
"product": {
"name": "grafana-pcp-0:5.3.0-4.el10_1.x86_64",
"product_id": "grafana-pcp-0:5.3.0-4.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.3.0-4.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.x86_64",
"product": {
"name": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.x86_64",
"product_id": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debugsource@5.3.0-4.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.x86_64",
"product": {
"name": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.x86_64",
"product_id": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debuginfo@5.3.0-4.el10_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.3.0-4.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.aarch64"
},
"product_reference": "grafana-pcp-0:5.3.0-4.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.3.0-4.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.ppc64le"
},
"product_reference": "grafana-pcp-0:5.3.0-4.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.3.0-4.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.s390x"
},
"product_reference": "grafana-pcp-0:5.3.0-4.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.3.0-4.el10_1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.src"
},
"product_reference": "grafana-pcp-0:5.3.0-4.el10_1.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.3.0-4.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.x86_64"
},
"product_reference": "grafana-pcp-0:5.3.0-4.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.aarch64"
},
"product_reference": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.ppc64le"
},
"product_reference": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.s390x"
},
"product_reference": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.x86_64"
},
"product_reference": "grafana-pcp-debuginfo-0:5.3.0-4.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.aarch64"
},
"product_reference": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.ppc64le"
},
"product_reference": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.s390x"
},
"product_reference": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.x86_64"
},
"product_reference": "grafana-pcp-debugsource-0:5.3.0-4.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.aarch64",
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.s390x",
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.src",
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.x86_64",
"AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.aarch64",
"AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.s390x",
"AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.x86_64",
"AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.aarch64",
"AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.s390x",
"AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T19:06:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.aarch64",
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.s390x",
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.src",
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.x86_64",
"AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.aarch64",
"AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.s390x",
"AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.x86_64",
"AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.aarch64",
"AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.s390x",
"AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11881"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.aarch64",
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.s390x",
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.src",
"AppStream-10.1.Z:grafana-pcp-0:5.3.0-4.el10_1.x86_64",
"AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.aarch64",
"AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.s390x",
"AppStream-10.1.Z:grafana-pcp-debuginfo-0:5.3.0-4.el10_1.x86_64",
"AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.aarch64",
"AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.s390x",
"AppStream-10.1.Z:grafana-pcp-debugsource-0:5.3.0-4.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:11704
Vulnerability from csaf_redhat - Published: 2026-04-29 13:09 - Updated: 2026-05-07 02:29Summary
Red Hat Security Advisory: grafana-pcp security update
Severity
Important
Notes
Topic: An update for grafana-pcp is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.
Security Fix(es):
* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11704
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11704
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for grafana-pcp is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.\n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11704",
"url": "https://access.redhat.com/errata/RHSA-2026:11704"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11704.json"
}
],
"title": "Red Hat Security Advisory: grafana-pcp security update",
"tracking": {
"current_release_date": "2026-05-07T02:29:02+00:00",
"generator": {
"date": "2026-05-07T02:29:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:11704",
"initial_release_date": "2026-04-29T13:09:25+00:00",
"revision_history": [
{
"date": "2026-04-29T13:09:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-29T13:09:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T02:29:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.1.1-14.el9_7.src",
"product": {
"name": "grafana-pcp-0:5.1.1-14.el9_7.src",
"product_id": "grafana-pcp-0:5.1.1-14.el9_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.1.1-14.el9_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.1.1-14.el9_7.aarch64",
"product": {
"name": "grafana-pcp-0:5.1.1-14.el9_7.aarch64",
"product_id": "grafana-pcp-0:5.1.1-14.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.1.1-14.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64",
"product": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64",
"product_id": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debugsource@5.1.1-14.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64",
"product": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64",
"product_id": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debuginfo@5.1.1-14.el9_7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.1.1-14.el9_7.ppc64le",
"product": {
"name": "grafana-pcp-0:5.1.1-14.el9_7.ppc64le",
"product_id": "grafana-pcp-0:5.1.1-14.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.1.1-14.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le",
"product": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le",
"product_id": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debugsource@5.1.1-14.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le",
"product": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le",
"product_id": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debuginfo@5.1.1-14.el9_7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.1.1-14.el9_7.x86_64",
"product": {
"name": "grafana-pcp-0:5.1.1-14.el9_7.x86_64",
"product_id": "grafana-pcp-0:5.1.1-14.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.1.1-14.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64",
"product": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64",
"product_id": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debugsource@5.1.1-14.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64",
"product": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64",
"product_id": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debuginfo@5.1.1-14.el9_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.1.1-14.el9_7.s390x",
"product": {
"name": "grafana-pcp-0:5.1.1-14.el9_7.s390x",
"product_id": "grafana-pcp-0:5.1.1-14.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.1.1-14.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x",
"product": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x",
"product_id": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debugsource@5.1.1-14.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x",
"product": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x",
"product_id": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debuginfo@5.1.1-14.el9_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.1.1-14.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.aarch64"
},
"product_reference": "grafana-pcp-0:5.1.1-14.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.1.1-14.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.ppc64le"
},
"product_reference": "grafana-pcp-0:5.1.1-14.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.1.1-14.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.s390x"
},
"product_reference": "grafana-pcp-0:5.1.1-14.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.1.1-14.el9_7.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.src"
},
"product_reference": "grafana-pcp-0:5.1.1-14.el9_7.src",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.1.1-14.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.x86_64"
},
"product_reference": "grafana-pcp-0:5.1.1-14.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64"
},
"product_reference": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le"
},
"product_reference": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x"
},
"product_reference": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64"
},
"product_reference": "grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64"
},
"product_reference": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le"
},
"product_reference": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x"
},
"product_reference": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64"
},
"product_reference": "grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T13:09:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11704"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T13:09:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debuginfo-0:5.1.1-14.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-pcp-debugsource-0:5.1.1-14.el9_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:11507
Vulnerability from csaf_redhat - Published: 2026-04-29 07:37 - Updated: 2026-05-07 02:29Summary
Red Hat Security Advisory: grafana security update
Severity
Important
Notes
Topic: An update for grafana is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11507
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11507
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11507
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for grafana is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB \u0026 OpenTSDB. \n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11507",
"url": "https://access.redhat.com/errata/RHSA-2026:11507"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11507.json"
}
],
"title": "Red Hat Security Advisory: grafana security update",
"tracking": {
"current_release_date": "2026-05-07T02:29:02+00:00",
"generator": {
"date": "2026-05-07T02:29:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:11507",
"initial_release_date": "2026-04-29T07:37:39+00:00",
"revision_history": [
{
"date": "2026-04-29T07:37:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-29T07:37:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T02:29:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:9.2.10-30.el8_10.src",
"product": {
"name": "grafana-0:9.2.10-30.el8_10.src",
"product_id": "grafana-0:9.2.10-30.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@9.2.10-30.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:9.2.10-30.el8_10.aarch64",
"product": {
"name": "grafana-0:9.2.10-30.el8_10.aarch64",
"product_id": "grafana-0:9.2.10-30.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@9.2.10-30.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"product": {
"name": "grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"product_id": "grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@9.2.10-30.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"product": {
"name": "grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"product_id": "grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@9.2.10-30.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"product": {
"name": "grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"product_id": "grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@9.2.10-30.el8_10?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:9.2.10-30.el8_10.ppc64le",
"product": {
"name": "grafana-0:9.2.10-30.el8_10.ppc64le",
"product_id": "grafana-0:9.2.10-30.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@9.2.10-30.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"product": {
"name": "grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"product_id": "grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@9.2.10-30.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"product": {
"name": "grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"product_id": "grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@9.2.10-30.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"product": {
"name": "grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"product_id": "grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@9.2.10-30.el8_10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:9.2.10-30.el8_10.x86_64",
"product": {
"name": "grafana-0:9.2.10-30.el8_10.x86_64",
"product_id": "grafana-0:9.2.10-30.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@9.2.10-30.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:9.2.10-30.el8_10.x86_64",
"product": {
"name": "grafana-selinux-0:9.2.10-30.el8_10.x86_64",
"product_id": "grafana-selinux-0:9.2.10-30.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@9.2.10-30.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"product": {
"name": "grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"product_id": "grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@9.2.10-30.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"product": {
"name": "grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"product_id": "grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@9.2.10-30.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:9.2.10-30.el8_10.s390x",
"product": {
"name": "grafana-0:9.2.10-30.el8_10.s390x",
"product_id": "grafana-0:9.2.10-30.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@9.2.10-30.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:9.2.10-30.el8_10.s390x",
"product": {
"name": "grafana-selinux-0:9.2.10-30.el8_10.s390x",
"product_id": "grafana-selinux-0:9.2.10-30.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@9.2.10-30.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"product": {
"name": "grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"product_id": "grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@9.2.10-30.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"product": {
"name": "grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"product_id": "grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@9.2.10-30.el8_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:9.2.10-30.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.aarch64"
},
"product_reference": "grafana-0:9.2.10-30.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:9.2.10-30.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.ppc64le"
},
"product_reference": "grafana-0:9.2.10-30.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:9.2.10-30.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.s390x"
},
"product_reference": "grafana-0:9.2.10-30.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:9.2.10-30.el8_10.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.src"
},
"product_reference": "grafana-0:9.2.10-30.el8_10.src",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:9.2.10-30.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.x86_64"
},
"product_reference": "grafana-0:9.2.10-30.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:9.2.10-30.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.aarch64"
},
"product_reference": "grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le"
},
"product_reference": "grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:9.2.10-30.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.s390x"
},
"product_reference": "grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:9.2.10-30.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.x86_64"
},
"product_reference": "grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:9.2.10-30.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.aarch64"
},
"product_reference": "grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:9.2.10-30.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.ppc64le"
},
"product_reference": "grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:9.2.10-30.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.s390x"
},
"product_reference": "grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:9.2.10-30.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.x86_64"
},
"product_reference": "grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:9.2.10-30.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.aarch64"
},
"product_reference": "grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:9.2.10-30.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.ppc64le"
},
"product_reference": "grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:9.2.10-30.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.s390x"
},
"product_reference": "grafana-selinux-0:9.2.10-30.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:9.2.10-30.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.x86_64"
},
"product_reference": "grafana-selinux-0:9.2.10-30.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T07:37:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11507"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T07:37:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11507"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T07:37:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11507"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debuginfo-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-debugsource-0:9.2.10-30.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-selinux-0:9.2.10-30.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:14162
Vulnerability from csaf_redhat - Published: 2026-05-06 13:54 - Updated: 2026-05-06 21:11Summary
Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.9.3 release
Severity
Important
Notes
Topic: Red Hat build of OpenTelemetry 3.9.3 has been released
Details: This release of the Red Hat build of OpenTelemetry provides security improvements.
Breaking changes:
* None
Deprecations:
* None
Technology Preview features:
* None
Enhancements:
* None
Bug fixes:
* TOCTOU race condition in libcap cap_set_file() function is fixed. Previously, the cap_set_file() function in libcap contained a Time-of-check-to-time-of-use (TOCTOU) race condition. A local unprivileged user with write access to a parent directory could exploit this vulnerability to redirect file capability updates to an attacker-controlled file. This flaw allowed an attacker to inject capabilities into or strip capabilities from unintended executables, leading to privilege escalation. With this update, the race condition in cap_set_file() is fixed. As a result, file capability updates are applied to the intended target files, and the vulnerability is no longer exploitable. For more information, see https://access.redhat.com/security/cve/CVE-2026-4878.
* Integer overflow vulnerability in Apache Thrift TFramedTransport Go implementation is fixed. Previously, the Apache Thrift TFramedTransport Go language implementation contained an integer overflow or wraparound vulnerability. An attacker could exploit this flaw to cause unexpected behavior or resource exhaustion, leading to a denial of service. With this update, the integer overflow issue is fixed. As a result, TFramedTransport correctly handles integer values, and the vulnerability is no longer exploitable. For more information, see https://access.redhat.com/security/cve/CVE-2026-41602.
* Denial of service vulnerability in Go crypto/x509 and crypto/tls packages is fixed. Previously, the Go standard library packages crypto/x509 and crypto/tls did not properly limit the number of intermediate certificates processed during certificate chain building. An attacker could provide an excessive number of intermediate certificates, causing an uncontrolled amount of work. This flaw could result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users. With this update, the number of intermediate certificates processed during certificate chain building is properly limited. As a result, the packages handle certificate chains efficiently, and the vulnerability is no longer exploitable. For more information, see https://access.redhat.com/security/cve/CVE-2026-32280.
* TLS 1.3 connection deadlock vulnerability is fixed. Previously, if one side of a TLS 1.3 connection sent multiple key update messages post-handshake in a single record, the connection could deadlock. This deadlock caused uncontrolled consumption of resources and could lead to a denial of service. With this update, TLS 1.3 connections correctly handle multiple key update messages in a single record. As a result, connections no longer deadlock, and the vulnerability is no longer exploitable. For more information about CVE-2026-32283, see https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU.
* IPC API vulnerability in systemd is fixed. Previously, system and service manager systemd contained a flaw that an unprivileged user could exploit by making an Inter-Process Communication (IPC) API call with spurious data. In older versions (v249 and earlier), this flaw could lead to stack overwriting with attacker-controlled content, potentially enabling arbitrary code execution or privilege escalation. In newer versions (v250 and later), this flaw caused systemd to assert and freeze, resulting in a denial of service (DoS). With this update, systemd correctly validates IPC API calls. As a result, the vulnerability is no longer exploitable. For more information, see https://access.redhat.com/security/cve/CVE-2026-29111.
Known issues:
* The filesystem scraper does not produce the system.filesystem.inodes.usage and system.filesystem.usage metrics in the Host Metrics Receiver after upgrading from Collector version 0.142.0 to 0.143.0 or later. No known workaround exists. For more information, see https://issues.redhat.com/browse/TRACING-5963.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.
6.7 (Medium)
Vendor Fix
For details on how to apply this update, refer to:
https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators
https://access.redhat.com/errata/RHSA-2026:14162
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication (IPC) API call with spurious data. In older versions (v249 and earlier), this can lead to stack overwriting with attacker-controlled content, potentially enabling arbitrary code execution or privilege escalation. In newer versions (v250 and later), the flaw causes systemd to assert and freeze, resulting in a Denial of Service (DoS).
7.8 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators
https://access.redhat.com/errata/RHSA-2026:14162
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators
https://access.redhat.com/errata/RHSA-2026:14162
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators
https://access.redhat.com/errata/RHSA-2026:14162
A flaw was found in the Apache Thrift TFramedTransport Go language implementation. This integer overflow or wraparound vulnerability could potentially allow an attacker to cause unexpected behavior or resource exhaustion, leading to a denial of service.
7.5 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators
https://access.redhat.com/errata/RHSA-2026:14162
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Ali Raza
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of OpenTelemetry 3.9.3 has been released",
"title": "Topic"
},
{
"category": "general",
"text": "This release of the Red Hat build of OpenTelemetry provides security improvements.\n\n\nBreaking changes:\n\n* None\n\n\nDeprecations:\n\n* None\n\n\nTechnology Preview features:\n\n* None\n\n\nEnhancements:\n\n* None\n\n\nBug fixes:\n\n* TOCTOU race condition in libcap cap_set_file() function is fixed. Previously, the cap_set_file() function in libcap contained a Time-of-check-to-time-of-use (TOCTOU) race condition. A local unprivileged user with write access to a parent directory could exploit this vulnerability to redirect file capability updates to an attacker-controlled file. This flaw allowed an attacker to inject capabilities into or strip capabilities from unintended executables, leading to privilege escalation. With this update, the race condition in cap_set_file() is fixed. As a result, file capability updates are applied to the intended target files, and the vulnerability is no longer exploitable. For more information, see https://access.redhat.com/security/cve/CVE-2026-4878.\n\n* Integer overflow vulnerability in Apache Thrift TFramedTransport Go implementation is fixed. Previously, the Apache Thrift TFramedTransport Go language implementation contained an integer overflow or wraparound vulnerability. An attacker could exploit this flaw to cause unexpected behavior or resource exhaustion, leading to a denial of service. With this update, the integer overflow issue is fixed. As a result, TFramedTransport correctly handles integer values, and the vulnerability is no longer exploitable. For more information, see https://access.redhat.com/security/cve/CVE-2026-41602.\n\n* Denial of service vulnerability in Go crypto/x509 and crypto/tls packages is fixed. Previously, the Go standard library packages crypto/x509 and crypto/tls did not properly limit the number of intermediate certificates processed during certificate chain building. An attacker could provide an excessive number of intermediate certificates, causing an uncontrolled amount of work. This flaw could result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users. With this update, the number of intermediate certificates processed during certificate chain building is properly limited. As a result, the packages handle certificate chains efficiently, and the vulnerability is no longer exploitable. For more information, see https://access.redhat.com/security/cve/CVE-2026-32280.\n\n* TLS 1.3 connection deadlock vulnerability is fixed. Previously, if one side of a TLS 1.3 connection sent multiple key update messages post-handshake in a single record, the connection could deadlock. This deadlock caused uncontrolled consumption of resources and could lead to a denial of service. With this update, TLS 1.3 connections correctly handle multiple key update messages in a single record. As a result, connections no longer deadlock, and the vulnerability is no longer exploitable. For more information about CVE-2026-32283, see https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU.\n\n* IPC API vulnerability in systemd is fixed. Previously, system and service manager systemd contained a flaw that an unprivileged user could exploit by making an Inter-Process Communication (IPC) API call with spurious data. In older versions (v249 and earlier), this flaw could lead to stack overwriting with attacker-controlled content, potentially enabling arbitrary code execution or privilege escalation. In newer versions (v250 and later), this flaw caused systemd to assert and freeze, resulting in a denial of service (DoS). With this update, systemd correctly validates IPC API calls. As a result, the vulnerability is no longer exploitable. For more information, see https://access.redhat.com/security/cve/CVE-2026-29111.\n\n\nKnown issues:\n\n* The filesystem scraper does not produce the system.filesystem.inodes.usage and system.filesystem.usage metrics in the Host Metrics Receiver after upgrading from Collector version 0.142.0 to 0.143.0 or later. No known workaround exists. For more information, see https://issues.redhat.com/browse/TRACING-5963.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:14162",
"url": "https://access.redhat.com/errata/RHSA-2026:14162"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29111",
"url": "https://access.redhat.com/security/cve/CVE-2026-29111"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32283",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41602",
"url": "https://access.redhat.com/security/cve/CVE-2026-41602"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4878",
"url": "https://access.redhat.com/security/cve/CVE-2026-4878"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/red_hat_build_of_opentelemetry",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/red_hat_build_of_opentelemetry"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14162.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.9.3 release",
"tracking": {
"current_release_date": "2026-05-06T21:11:08+00:00",
"generator": {
"date": "2026-05-06T21:11:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:14162",
"initial_release_date": "2026-05-06T13:54:24+00:00",
"revision_history": [
{
"date": "2026-05-06T13:54:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-06T13:54:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-06T21:11:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift distributed tracing 3.9.3",
"product": {
"name": "Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift distributed tracing"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-operator-bundle@sha256%3A736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778059129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel9@sha256%3A5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778056267"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel9-operator@sha256%3Aa12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778056233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-target-allocator-rhel9@sha256%3Ac8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778056245"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel9@sha256%3A3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778056267"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel9-operator@sha256%3Afcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778056233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-target-allocator-rhel9@sha256%3Ac87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778056245"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel9@sha256%3A36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778056267"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel9-operator@sha256%3Ad52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778056233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-target-allocator-rhel9@sha256%3A676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778056245"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel9@sha256%3A265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778056267"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel9-operator@sha256%3A109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778056233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-target-allocator-rhel9@sha256%3Aa2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1778056245"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64 as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64 as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64 as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64 as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64 as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64 as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64 as a component of Red Hat OpenShift distributed tracing 3.9.3",
"product_id": "Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.3"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ali Raza"
]
}
],
"cve": "CVE-2026-4878",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-03-26T06:56:21.213270+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw. A Time-of-Check-to-Time-of-Use (TOCTOU) race condition in libcap\u0027s cap_set_file() allows a local unprivileged user to escalate privileges. An attacker with write access to a parent directory can exploit a narrow window during file capability updates to redirect capabilities to an attacker-controlled file. This can lead to the injection of elevated privileges into an unintended executable when privileged processes, such as setcap or container tooling, invoke cap_set_file() on attacker-influenced paths.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4878"
},
{
"category": "external",
"summary": "RHBZ#2451615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4878"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4878",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4878"
},
{
"category": "external",
"summary": "https://bugzilla.redhat.com/show_bug.cgi?id=2447554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447554"
}
],
"release_date": "2026-04-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:54:24+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14162"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()"
},
{
"cve": "CVE-2026-29111",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-03-23T22:01:54.593547+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450505"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication (IPC) API call with spurious data. In older versions (v249 and earlier), this can lead to stack overwriting with attacker-controlled content, potentially enabling arbitrary code execution or privilege escalation. In newer versions (v250 and later), the flaw causes systemd to assert and freeze, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29111"
},
{
"category": "external",
"summary": "RHBZ#2450505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450505"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29111",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29111"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29111",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29111"
},
{
"category": "external",
"summary": "https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a",
"url": "https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a"
},
{
"category": "external",
"summary": "https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6",
"url": "https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6"
},
{
"category": "external",
"summary": "https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412",
"url": "https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412"
},
{
"category": "external",
"summary": "https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd",
"url": "https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd"
},
{
"category": "external",
"summary": "https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f",
"url": "https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f"
},
{
"category": "external",
"summary": "https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f",
"url": "https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f"
},
{
"category": "external",
"summary": "https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69",
"url": "https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69"
},
{
"category": "external",
"summary": "https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6",
"url": "https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6"
},
{
"category": "external",
"summary": "https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c",
"url": "https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c"
},
{
"category": "external",
"summary": "https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8",
"url": "https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8"
},
{
"category": "external",
"summary": "https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764",
"url": "https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764"
}
],
"release_date": "2026-03-23T21:03:56.120000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:54:24+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14162"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:54:24+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14162"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:54:24+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14162"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
},
{
"cve": "CVE-2026-41602",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-04-28T10:01:16.099816+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463407"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Thrift TFramedTransport Go language implementation. This integer overflow or wraparound vulnerability could potentially allow an attacker to cause unexpected behavior or resource exhaustion, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/apache/thrift: Apache Thrift: Integer Overflow in TFramedTransport Go implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41602"
},
{
"category": "external",
"summary": "RHBZ#2463407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463407"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41602",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41602"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/28/6",
"url": "http://www.openwall.com/lists/oss-security/2026/04/28/6"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql",
"url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
}
],
"release_date": "2026-04-28T09:19:06.646000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:54:24+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14162"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:265d8d864589e9ca6739e5eff46be545dc531aa6aa72378674b3ae9ff48f14ac_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:3485dd7a7615da6e658547c117818f41c855aa8fcff80b609e56afec46e00546_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:36790acac3369dd38803aca4433376edfa9edc8785ea0b61ec95b931effddf00_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-collector-rhel9@sha256:5adac8b8aa26beaa38c4a0d20f0271890c0fbaf06b9bcbc7c00a3e27cd1a4c5b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:736f03edb0dfea64fcb9a723dc8a01d8ffd4f2c5b952b3a8f1b2ab6b7320af4b_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:109f44564a590b7dbdf7337f93a5297875f58e2810123a134a5386a5ba8bd62b_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:a12ee44613f8bb32f083f719b08af74a8e72815ab35156cb23242f2889745865_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:d52121422c85bc4b79590e67bf047d90b50b763425fcf5676265f65eb3faa1e2_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-rhel9-operator@sha256:fcd49001027e05749fd68dadc316af46bd7d49931821950cbeb037c7d19f7d66_arm64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:676693e80ea746f3e6382a0cd81b21c77c3922cafa74ec3a349b89943d59f2ee_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:a2d150f31c8e11e4d0cc651d8a58212f769d00b453e6a7efcc68ca5cca63878d_s390x",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c8348d21a8cecefea08d43a4bcd4898bc086ce91ccd60a2e9c31bbb13e5511c7_amd64",
"Red Hat OpenShift distributed tracing 3.9.3:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel9@sha256:c87072639a6a332398c6681de4f18578c4778f33117e25be63fca278bb94ab2b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/apache/thrift: Apache Thrift: Integer Overflow in TFramedTransport Go implementation"
}
]
}
RHSA-2026:10704
Vulnerability from csaf_redhat - Published: 2026-04-27 02:21 - Updated: 2026-05-07 02:29Summary
Red Hat Security Advisory: go-toolset:rhel8 security update
Severity
Important
Notes
Topic: An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
* golang: cmd/compile: no-op interface conversion bypasses overlap checking (CVE-2026-27144)
* cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names (CVE-2026-27140)
* golang: cmd/compile: possible memory corruption after bound check elimination (CVE-2026-27143)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Go programming language (golang) and its command-line tool (cmd/go). A remote attacker could exploit this during the build process by crafting malicious SWIG (Simplified Wrapper and Interface Generator) file names that contain "cgo" and specific payloads. This could lead to code smuggling and arbitrary code execution, bypassing trust mechanisms and allowing the attacker to run unauthorized code.
9.0 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10704
A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10704
Workaround
To mitigate this vulnerability, strictly sanitize and enforce bounds checking on any untrusted user input that influences loop counters, iteration limits, or memory indices. If there is no integer overflow or underflow, the out-of-bounds access cannot occur.
A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10704
Workaround
To mitigate this issue, review code that performs memory copies or struct assignments. If data is being passed through an interface (such as 'any' or 'interface{}') just before a move operation, refactor the code to use concrete types or explicit pointers instead.
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10704
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10704
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10704
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n* golang: cmd/compile: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names (CVE-2026-27140)\n\n* golang: cmd/compile: possible memory corruption after bound check elimination (CVE-2026-27143)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10704",
"url": "https://access.redhat.com/errata/RHSA-2026:10704"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "2456340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456340"
},
{
"category": "external",
"summary": "2456341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456341"
},
{
"category": "external",
"summary": "2456342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456342"
},
{
"category": "external",
"summary": "RHEL-169932",
"url": "https://issues.redhat.com/browse/RHEL-169932"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10704.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security update",
"tracking": {
"current_release_date": "2026-05-07T02:29:00+00:00",
"generator": {
"date": "2026-05-07T02:29:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10704",
"initial_release_date": "2026-04-27T02:21:42+00:00",
"revision_history": [
{
"date": "2026-04-27T02:21:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-27T02:21:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T02:29:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"product": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src (go-toolset:rhel8)",
"product_id": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=src\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src (go-toolset:rhel8)",
"product_id": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=src\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"product": {
"name": "golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch (go-toolset:rhel8)",
"product_id": "golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"product": {
"name": "golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch (go-toolset:rhel8)",
"product_id": "golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"product": {
"name": "golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch (go-toolset:rhel8)",
"product_id": "golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"product": {
"name": "golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch (go-toolset:rhel8)",
"product_id": "golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8)",
"product_id": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64 (go-toolset:rhel8)",
"product_id": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8)",
"product_id": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le (go-toolset:rhel8)",
"product_id": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le (go-toolset:rhel8)",
"product_id": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8)",
"product_id": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64 (go-toolset:rhel8)",
"product_id": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x (go-toolset:rhel8)",
"product_id": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x (go-toolset:rhel8)",
"product_id": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.9-1.module%2Bel8.10.0%2B24226%2Bc418b32c?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020260422204008:a3795dee"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8"
},
"product_reference": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8"
},
"product_reference": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
},
"product_reference": "golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
},
"product_reference": "golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
},
"product_reference": "golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
},
"product_reference": "golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27140",
"cwe": {
"id": "CWE-641",
"name": "Improper Restriction of Names for Files and Other Resources"
},
"discovery_date": "2026-04-08T02:01:26.299804+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456341"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go programming language (golang) and its command-line tool (cmd/go). A remote attacker could exploit this during the build process by crafting malicious SWIG (Simplified Wrapper and Interface Generator) file names that contain \"cgo\" and specific payloads. This could lead to code smuggling and arbitrary code execution, bypassing trust mechanisms and allowing the attacker to run unauthorized code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27140"
},
{
"category": "external",
"summary": "RHBZ#2456341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27140",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27140"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27140",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27140"
},
{
"category": "external",
"summary": "https://go.dev/cl/763768",
"url": "https://go.dev/cl/763768"
},
{
"category": "external",
"summary": "https://go.dev/issue/78335",
"url": "https://go.dev/issue/78335"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4871",
"url": "https://pkg.go.dev/vuln/GO-2026-4871"
}
],
"release_date": "2026-04-08T01:06:57.893000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T02:21:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names"
},
{
"cve": "CVE-2026-27143",
"cwe": {
"id": "CWE-733",
"name": "Compiler Optimization Removal or Modification of Security-critical Code"
},
"discovery_date": "2026-04-08T02:01:29.491546+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456342"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/compile: possible memory corruption after bound check elimination",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is only exploitable in applications that contain a loop structure that relies on an induction variable. An induction variable is a variable that gets modified, usually incremented or decremented, by a predictable amount on each iteration. Inside the loop, the induction variable must be directly used as the index to access or modify elements within an array or a slice. Additionally, an attacker must be able to cause an integer overflow or underflow in the induction variable to trigger this issue. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "RHBZ#2456342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143"
},
{
"category": "external",
"summary": "https://go.dev/cl/763765",
"url": "https://go.dev/cl/763765"
},
{
"category": "external",
"summary": "https://go.dev/issue/78333",
"url": "https://go.dev/issue/78333"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4868",
"url": "https://pkg.go.dev/vuln/GO-2026-4868"
}
],
"release_date": "2026-04-08T01:06:57.168000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T02:21:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10704"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, strictly sanitize and enforce bounds checking on any untrusted user input that influences loop counters, iteration limits, or memory indices. If there is no integer overflow or underflow, the out-of-bounds access cannot occur.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/compile: possible memory corruption after bound check elimination"
},
{
"cve": "CVE-2026-27144",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2026-04-08T02:01:22.896153+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/compile: no-op interface conversion bypasses overlap checking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable in applications that contain a memory move or copy operation that is subject to a no-op (no-operation) interface conversion. Furthermore, the source and destination memory addresses involved in the move or copy must overlap and an attacker must be able to supply an input that triggers this specific operation. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "RHBZ#2456340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144"
},
{
"category": "external",
"summary": "https://go.dev/cl/763764",
"url": "https://go.dev/cl/763764"
},
{
"category": "external",
"summary": "https://go.dev/issue/78371",
"url": "https://go.dev/issue/78371"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4867",
"url": "https://pkg.go.dev/vuln/GO-2026-4867"
}
],
"release_date": "2026-04-08T01:06:56.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T02:21:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10704"
},
{
"category": "workaround",
"details": "To mitigate this issue, review code that performs memory copies or struct assignments. If data is being passed through an interface (such as \u0027any\u0027 or \u0027interface{}\u0027) just before a move operation, refactor the code to use concrete types or explicit pointers instead.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/compile: no-op interface conversion bypasses overlap checking"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T02:21:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T02:21:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10704"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T02:21:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.9-1.module+el8.10.0+24226+c418b32c.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.9-1.module+el8.10.0+24226+c418b32c.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:10217
Vulnerability from csaf_redhat - Published: 2026-04-23 21:39 - Updated: 2026-05-07 02:29Summary
Red Hat Security Advisory: golang security update
Severity
Important
Notes
Topic: An update for golang is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The golang packages provide the Go programming language compiler.
Security Fix(es):
* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
* golang: cmd/compile: no-op interface conversion bypasses overlap checking (CVE-2026-27144)
* cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names (CVE-2026-27140)
* golang: cmd/compile: possible memory corruption after bound check elimination (CVE-2026-27143)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Go programming language (golang) and its command-line tool (cmd/go). A remote attacker could exploit this during the build process by crafting malicious SWIG (Simplified Wrapper and Interface Generator) file names that contain "cgo" and specific payloads. This could lead to code smuggling and arbitrary code execution, bypassing trust mechanisms and allowing the attacker to run unauthorized code.
9.0 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10217
A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10217
Workaround
To mitigate this vulnerability, strictly sanitize and enforce bounds checking on any untrusted user input that influences loop counters, iteration limits, or memory indices. If there is no integer overflow or underflow, the out-of-bounds access cannot occur.
A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10217
Workaround
To mitigate this issue, review code that performs memory copies or struct assignments. If data is being passed through an interface (such as 'any' or 'interface{}') just before a move operation, refactor the code to use concrete types or explicit pointers instead.
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10217
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10217
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10217
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n* golang: cmd/compile: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names (CVE-2026-27140)\n\n* golang: cmd/compile: possible memory corruption after bound check elimination (CVE-2026-27143)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10217",
"url": "https://access.redhat.com/errata/RHSA-2026:10217"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "2456340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456340"
},
{
"category": "external",
"summary": "2456341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456341"
},
{
"category": "external",
"summary": "2456342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456342"
},
{
"category": "external",
"summary": "RHEL-169928",
"url": "https://issues.redhat.com/browse/RHEL-169928"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10217.json"
}
],
"title": "Red Hat Security Advisory: golang security update",
"tracking": {
"current_release_date": "2026-05-07T02:29:00+00:00",
"generator": {
"date": "2026-05-07T02:29:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10217",
"initial_release_date": "2026-04-23T21:39:53+00:00",
"revision_history": [
{
"date": "2026-04-23T21:39:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-23T21:39:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T02:29:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.9-3.el10_1.aarch64",
"product": {
"name": "go-toolset-0:1.25.9-3.el10_1.aarch64",
"product_id": "go-toolset-0:1.25.9-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.9-3.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-3.el10_1.aarch64",
"product": {
"name": "golang-0:1.25.9-3.el10_1.aarch64",
"product_id": "golang-0:1.25.9-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-3.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.9-3.el10_1.aarch64",
"product": {
"name": "golang-bin-0:1.25.9-3.el10_1.aarch64",
"product_id": "golang-bin-0:1.25.9-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.9-3.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.9-3.el10_1.aarch64",
"product": {
"name": "golang-race-0:1.25.9-3.el10_1.aarch64",
"product_id": "golang-race-0:1.25.9-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.9-3.el10_1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.9-3.el10_1.ppc64le",
"product": {
"name": "go-toolset-0:1.25.9-3.el10_1.ppc64le",
"product_id": "go-toolset-0:1.25.9-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.9-3.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-3.el10_1.ppc64le",
"product": {
"name": "golang-0:1.25.9-3.el10_1.ppc64le",
"product_id": "golang-0:1.25.9-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-3.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.9-3.el10_1.ppc64le",
"product": {
"name": "golang-bin-0:1.25.9-3.el10_1.ppc64le",
"product_id": "golang-bin-0:1.25.9-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.9-3.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.9-3.el10_1.ppc64le",
"product": {
"name": "golang-race-0:1.25.9-3.el10_1.ppc64le",
"product_id": "golang-race-0:1.25.9-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.9-3.el10_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.9-3.el10_1.s390x",
"product": {
"name": "go-toolset-0:1.25.9-3.el10_1.s390x",
"product_id": "go-toolset-0:1.25.9-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.9-3.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-3.el10_1.s390x",
"product": {
"name": "golang-0:1.25.9-3.el10_1.s390x",
"product_id": "golang-0:1.25.9-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-3.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.9-3.el10_1.s390x",
"product": {
"name": "golang-bin-0:1.25.9-3.el10_1.s390x",
"product_id": "golang-bin-0:1.25.9-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.9-3.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.9-3.el10_1.s390x",
"product": {
"name": "golang-race-0:1.25.9-3.el10_1.s390x",
"product_id": "golang-race-0:1.25.9-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.9-3.el10_1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.9-3.el10_1.x86_64",
"product": {
"name": "go-toolset-0:1.25.9-3.el10_1.x86_64",
"product_id": "go-toolset-0:1.25.9-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.9-3.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-3.el10_1.x86_64",
"product": {
"name": "golang-0:1.25.9-3.el10_1.x86_64",
"product_id": "golang-0:1.25.9-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-3.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.9-3.el10_1.x86_64",
"product": {
"name": "golang-bin-0:1.25.9-3.el10_1.x86_64",
"product_id": "golang-bin-0:1.25.9-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.9-3.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.9-3.el10_1.x86_64",
"product": {
"name": "golang-race-0:1.25.9-3.el10_1.x86_64",
"product_id": "golang-race-0:1.25.9-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.9-3.el10_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.25.9-3.el10_1.src",
"product": {
"name": "golang-0:1.25.9-3.el10_1.src",
"product_id": "golang-0:1.25.9-3.el10_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-3.el10_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.25.9-3.el10_1.noarch",
"product": {
"name": "golang-docs-0:1.25.9-3.el10_1.noarch",
"product_id": "golang-docs-0:1.25.9-3.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.25.9-3.el10_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.25.9-3.el10_1.noarch",
"product": {
"name": "golang-misc-0:1.25.9-3.el10_1.noarch",
"product_id": "golang-misc-0:1.25.9-3.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.25.9-3.el10_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.25.9-3.el10_1.noarch",
"product": {
"name": "golang-src-0:1.25.9-3.el10_1.noarch",
"product_id": "golang-src-0:1.25.9-3.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.25.9-3.el10_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.25.9-3.el10_1.noarch",
"product": {
"name": "golang-tests-0:1.25.9-3.el10_1.noarch",
"product_id": "golang-tests-0:1.25.9-3.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.25.9-3.el10_1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.9-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64"
},
"product_reference": "go-toolset-0:1.25.9-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.9-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le"
},
"product_reference": "go-toolset-0:1.25.9-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.9-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x"
},
"product_reference": "go-toolset-0:1.25.9-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.9-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64"
},
"product_reference": "go-toolset-0:1.25.9-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64"
},
"product_reference": "golang-0:1.25.9-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le"
},
"product_reference": "golang-0:1.25.9-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x"
},
"product_reference": "golang-0:1.25.9-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-3.el10_1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src"
},
"product_reference": "golang-0:1.25.9-3.el10_1.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64"
},
"product_reference": "golang-0:1.25.9-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.9-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64"
},
"product_reference": "golang-bin-0:1.25.9-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.9-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le"
},
"product_reference": "golang-bin-0:1.25.9-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.9-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x"
},
"product_reference": "golang-bin-0:1.25.9-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.9-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64"
},
"product_reference": "golang-bin-0:1.25.9-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.25.9-3.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch"
},
"product_reference": "golang-docs-0:1.25.9-3.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.25.9-3.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch"
},
"product_reference": "golang-misc-0:1.25.9-3.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.9-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64"
},
"product_reference": "golang-race-0:1.25.9-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.9-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le"
},
"product_reference": "golang-race-0:1.25.9-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.9-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x"
},
"product_reference": "golang-race-0:1.25.9-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.9-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64"
},
"product_reference": "golang-race-0:1.25.9-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.25.9-3.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch"
},
"product_reference": "golang-src-0:1.25.9-3.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.25.9-3.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
},
"product_reference": "golang-tests-0:1.25.9-3.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27140",
"cwe": {
"id": "CWE-641",
"name": "Improper Restriction of Names for Files and Other Resources"
},
"discovery_date": "2026-04-08T02:01:26.299804+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456341"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go programming language (golang) and its command-line tool (cmd/go). A remote attacker could exploit this during the build process by crafting malicious SWIG (Simplified Wrapper and Interface Generator) file names that contain \"cgo\" and specific payloads. This could lead to code smuggling and arbitrary code execution, bypassing trust mechanisms and allowing the attacker to run unauthorized code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27140"
},
{
"category": "external",
"summary": "RHBZ#2456341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27140",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27140"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27140",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27140"
},
{
"category": "external",
"summary": "https://go.dev/cl/763768",
"url": "https://go.dev/cl/763768"
},
{
"category": "external",
"summary": "https://go.dev/issue/78335",
"url": "https://go.dev/issue/78335"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4871",
"url": "https://pkg.go.dev/vuln/GO-2026-4871"
}
],
"release_date": "2026-04-08T01:06:57.893000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T21:39:53+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10217"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names"
},
{
"cve": "CVE-2026-27143",
"cwe": {
"id": "CWE-733",
"name": "Compiler Optimization Removal or Modification of Security-critical Code"
},
"discovery_date": "2026-04-08T02:01:29.491546+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456342"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/compile: possible memory corruption after bound check elimination",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is only exploitable in applications that contain a loop structure that relies on an induction variable. An induction variable is a variable that gets modified, usually incremented or decremented, by a predictable amount on each iteration. Inside the loop, the induction variable must be directly used as the index to access or modify elements within an array or a slice. Additionally, an attacker must be able to cause an integer overflow or underflow in the induction variable to trigger this issue. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "RHBZ#2456342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143"
},
{
"category": "external",
"summary": "https://go.dev/cl/763765",
"url": "https://go.dev/cl/763765"
},
{
"category": "external",
"summary": "https://go.dev/issue/78333",
"url": "https://go.dev/issue/78333"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4868",
"url": "https://pkg.go.dev/vuln/GO-2026-4868"
}
],
"release_date": "2026-04-08T01:06:57.168000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T21:39:53+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10217"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, strictly sanitize and enforce bounds checking on any untrusted user input that influences loop counters, iteration limits, or memory indices. If there is no integer overflow or underflow, the out-of-bounds access cannot occur.",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/compile: possible memory corruption after bound check elimination"
},
{
"cve": "CVE-2026-27144",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2026-04-08T02:01:22.896153+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/compile: no-op interface conversion bypasses overlap checking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable in applications that contain a memory move or copy operation that is subject to a no-op (no-operation) interface conversion. Furthermore, the source and destination memory addresses involved in the move or copy must overlap and an attacker must be able to supply an input that triggers this specific operation. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "RHBZ#2456340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144"
},
{
"category": "external",
"summary": "https://go.dev/cl/763764",
"url": "https://go.dev/cl/763764"
},
{
"category": "external",
"summary": "https://go.dev/issue/78371",
"url": "https://go.dev/issue/78371"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4867",
"url": "https://pkg.go.dev/vuln/GO-2026-4867"
}
],
"release_date": "2026-04-08T01:06:56.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T21:39:53+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10217"
},
{
"category": "workaround",
"details": "To mitigate this issue, review code that performs memory copies or struct assignments. If data is being passed through an interface (such as \u0027any\u0027 or \u0027interface{}\u0027) just before a move operation, refactor the code to use concrete types or explicit pointers instead.",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/compile: no-op interface conversion bypasses overlap checking"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T21:39:53+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10217"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T21:39:53+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10217"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T21:39:53+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10217"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.9-3.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.9-3.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.9-3.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:10219
Vulnerability from csaf_redhat - Published: 2026-04-24 02:38 - Updated: 2026-05-07 02:29Summary
Red Hat Security Advisory: golang security update
Severity
Important
Notes
Topic: An update for golang is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The golang packages provide the Go programming language compiler.
Security Fix(es):
* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
* golang: cmd/compile: no-op interface conversion bypasses overlap checking (CVE-2026-27144)
* cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names (CVE-2026-27140)
* golang: cmd/compile: possible memory corruption after bound check elimination (CVE-2026-27143)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Go programming language (golang) and its command-line tool (cmd/go). A remote attacker could exploit this during the build process by crafting malicious SWIG (Simplified Wrapper and Interface Generator) file names that contain "cgo" and specific payloads. This could lead to code smuggling and arbitrary code execution, bypassing trust mechanisms and allowing the attacker to run unauthorized code.
9.0 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10219
A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10219
Workaround
To mitigate this vulnerability, strictly sanitize and enforce bounds checking on any untrusted user input that influences loop counters, iteration limits, or memory indices. If there is no integer overflow or underflow, the out-of-bounds access cannot occur.
A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10219
Workaround
To mitigate this issue, review code that performs memory copies or struct assignments. If data is being passed through an interface (such as 'any' or 'interface{}') just before a move operation, refactor the code to use concrete types or explicit pointers instead.
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10219
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10219
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:10219
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n* golang: cmd/compile: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names (CVE-2026-27140)\n\n* golang: cmd/compile: possible memory corruption after bound check elimination (CVE-2026-27143)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10219",
"url": "https://access.redhat.com/errata/RHSA-2026:10219"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "2456340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456340"
},
{
"category": "external",
"summary": "2456341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456341"
},
{
"category": "external",
"summary": "2456342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456342"
},
{
"category": "external",
"summary": "RHEL-169931",
"url": "https://issues.redhat.com/browse/RHEL-169931"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10219.json"
}
],
"title": "Red Hat Security Advisory: golang security update",
"tracking": {
"current_release_date": "2026-05-07T02:29:00+00:00",
"generator": {
"date": "2026-05-07T02:29:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:10219",
"initial_release_date": "2026-04-24T02:38:10+00:00",
"revision_history": [
{
"date": "2026-04-24T02:38:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-24T02:38:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T02:29:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.9-1.el9_7.aarch64",
"product": {
"name": "go-toolset-0:1.25.9-1.el9_7.aarch64",
"product_id": "go-toolset-0:1.25.9-1.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.9-1.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-1.el9_7.aarch64",
"product": {
"name": "golang-0:1.25.9-1.el9_7.aarch64",
"product_id": "golang-0:1.25.9-1.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-1.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.9-1.el9_7.aarch64",
"product": {
"name": "golang-bin-0:1.25.9-1.el9_7.aarch64",
"product_id": "golang-bin-0:1.25.9-1.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.9-1.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.9-1.el9_7.aarch64",
"product": {
"name": "golang-race-0:1.25.9-1.el9_7.aarch64",
"product_id": "golang-race-0:1.25.9-1.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.9-1.el9_7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.9-1.el9_7.ppc64le",
"product": {
"name": "go-toolset-0:1.25.9-1.el9_7.ppc64le",
"product_id": "go-toolset-0:1.25.9-1.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.9-1.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-1.el9_7.ppc64le",
"product": {
"name": "golang-0:1.25.9-1.el9_7.ppc64le",
"product_id": "golang-0:1.25.9-1.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-1.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.9-1.el9_7.ppc64le",
"product": {
"name": "golang-bin-0:1.25.9-1.el9_7.ppc64le",
"product_id": "golang-bin-0:1.25.9-1.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.9-1.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.9-1.el9_7.ppc64le",
"product": {
"name": "golang-race-0:1.25.9-1.el9_7.ppc64le",
"product_id": "golang-race-0:1.25.9-1.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.9-1.el9_7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.9-1.el9_7.x86_64",
"product": {
"name": "go-toolset-0:1.25.9-1.el9_7.x86_64",
"product_id": "go-toolset-0:1.25.9-1.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.9-1.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-1.el9_7.x86_64",
"product": {
"name": "golang-0:1.25.9-1.el9_7.x86_64",
"product_id": "golang-0:1.25.9-1.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-1.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.9-1.el9_7.x86_64",
"product": {
"name": "golang-bin-0:1.25.9-1.el9_7.x86_64",
"product_id": "golang-bin-0:1.25.9-1.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.9-1.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.9-1.el9_7.x86_64",
"product": {
"name": "golang-race-0:1.25.9-1.el9_7.x86_64",
"product_id": "golang-race-0:1.25.9-1.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.9-1.el9_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.9-1.el9_7.s390x",
"product": {
"name": "go-toolset-0:1.25.9-1.el9_7.s390x",
"product_id": "go-toolset-0:1.25.9-1.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.9-1.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.9-1.el9_7.s390x",
"product": {
"name": "golang-0:1.25.9-1.el9_7.s390x",
"product_id": "golang-0:1.25.9-1.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-1.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.9-1.el9_7.s390x",
"product": {
"name": "golang-bin-0:1.25.9-1.el9_7.s390x",
"product_id": "golang-bin-0:1.25.9-1.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.9-1.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.9-1.el9_7.s390x",
"product": {
"name": "golang-race-0:1.25.9-1.el9_7.s390x",
"product_id": "golang-race-0:1.25.9-1.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.9-1.el9_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.25.9-1.el9_7.src",
"product": {
"name": "golang-0:1.25.9-1.el9_7.src",
"product_id": "golang-0:1.25.9-1.el9_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.9-1.el9_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.25.9-1.el9_7.noarch",
"product": {
"name": "golang-docs-0:1.25.9-1.el9_7.noarch",
"product_id": "golang-docs-0:1.25.9-1.el9_7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.25.9-1.el9_7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.25.9-1.el9_7.noarch",
"product": {
"name": "golang-misc-0:1.25.9-1.el9_7.noarch",
"product_id": "golang-misc-0:1.25.9-1.el9_7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.25.9-1.el9_7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.25.9-1.el9_7.noarch",
"product": {
"name": "golang-src-0:1.25.9-1.el9_7.noarch",
"product_id": "golang-src-0:1.25.9-1.el9_7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.25.9-1.el9_7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.25.9-1.el9_7.noarch",
"product": {
"name": "golang-tests-0:1.25.9-1.el9_7.noarch",
"product_id": "golang-tests-0:1.25.9-1.el9_7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.25.9-1.el9_7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.9-1.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64"
},
"product_reference": "go-toolset-0:1.25.9-1.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.9-1.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le"
},
"product_reference": "go-toolset-0:1.25.9-1.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.9-1.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x"
},
"product_reference": "go-toolset-0:1.25.9-1.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.9-1.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64"
},
"product_reference": "go-toolset-0:1.25.9-1.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-1.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64"
},
"product_reference": "golang-0:1.25.9-1.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-1.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le"
},
"product_reference": "golang-0:1.25.9-1.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-1.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x"
},
"product_reference": "golang-0:1.25.9-1.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-1.el9_7.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src"
},
"product_reference": "golang-0:1.25.9-1.el9_7.src",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.9-1.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64"
},
"product_reference": "golang-0:1.25.9-1.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.9-1.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64"
},
"product_reference": "golang-bin-0:1.25.9-1.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.9-1.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le"
},
"product_reference": "golang-bin-0:1.25.9-1.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.9-1.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x"
},
"product_reference": "golang-bin-0:1.25.9-1.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.9-1.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64"
},
"product_reference": "golang-bin-0:1.25.9-1.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.25.9-1.el9_7.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch"
},
"product_reference": "golang-docs-0:1.25.9-1.el9_7.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.25.9-1.el9_7.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch"
},
"product_reference": "golang-misc-0:1.25.9-1.el9_7.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.9-1.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64"
},
"product_reference": "golang-race-0:1.25.9-1.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.9-1.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le"
},
"product_reference": "golang-race-0:1.25.9-1.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.9-1.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x"
},
"product_reference": "golang-race-0:1.25.9-1.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.9-1.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64"
},
"product_reference": "golang-race-0:1.25.9-1.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.25.9-1.el9_7.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch"
},
"product_reference": "golang-src-0:1.25.9-1.el9_7.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.25.9-1.el9_7.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
},
"product_reference": "golang-tests-0:1.25.9-1.el9_7.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27140",
"cwe": {
"id": "CWE-641",
"name": "Improper Restriction of Names for Files and Other Resources"
},
"discovery_date": "2026-04-08T02:01:26.299804+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456341"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go programming language (golang) and its command-line tool (cmd/go). A remote attacker could exploit this during the build process by crafting malicious SWIG (Simplified Wrapper and Interface Generator) file names that contain \"cgo\" and specific payloads. This could lead to code smuggling and arbitrary code execution, bypassing trust mechanisms and allowing the attacker to run unauthorized code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27140"
},
{
"category": "external",
"summary": "RHBZ#2456341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27140",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27140"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27140",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27140"
},
{
"category": "external",
"summary": "https://go.dev/cl/763768",
"url": "https://go.dev/cl/763768"
},
{
"category": "external",
"summary": "https://go.dev/issue/78335",
"url": "https://go.dev/issue/78335"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4871",
"url": "https://pkg.go.dev/vuln/GO-2026-4871"
}
],
"release_date": "2026-04-08T01:06:57.893000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-24T02:38:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10219"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names"
},
{
"cve": "CVE-2026-27143",
"cwe": {
"id": "CWE-733",
"name": "Compiler Optimization Removal or Modification of Security-critical Code"
},
"discovery_date": "2026-04-08T02:01:29.491546+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456342"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/compile: possible memory corruption after bound check elimination",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is only exploitable in applications that contain a loop structure that relies on an induction variable. An induction variable is a variable that gets modified, usually incremented or decremented, by a predictable amount on each iteration. Inside the loop, the induction variable must be directly used as the index to access or modify elements within an array or a slice. Additionally, an attacker must be able to cause an integer overflow or underflow in the induction variable to trigger this issue. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "RHBZ#2456342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143"
},
{
"category": "external",
"summary": "https://go.dev/cl/763765",
"url": "https://go.dev/cl/763765"
},
{
"category": "external",
"summary": "https://go.dev/issue/78333",
"url": "https://go.dev/issue/78333"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4868",
"url": "https://pkg.go.dev/vuln/GO-2026-4868"
}
],
"release_date": "2026-04-08T01:06:57.168000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-24T02:38:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10219"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, strictly sanitize and enforce bounds checking on any untrusted user input that influences loop counters, iteration limits, or memory indices. If there is no integer overflow or underflow, the out-of-bounds access cannot occur.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/compile: possible memory corruption after bound check elimination"
},
{
"cve": "CVE-2026-27144",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2026-04-08T02:01:22.896153+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/compile: no-op interface conversion bypasses overlap checking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable in applications that contain a memory move or copy operation that is subject to a no-op (no-operation) interface conversion. Furthermore, the source and destination memory addresses involved in the move or copy must overlap and an attacker must be able to supply an input that triggers this specific operation. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "RHBZ#2456340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144"
},
{
"category": "external",
"summary": "https://go.dev/cl/763764",
"url": "https://go.dev/cl/763764"
},
{
"category": "external",
"summary": "https://go.dev/issue/78371",
"url": "https://go.dev/issue/78371"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4867",
"url": "https://pkg.go.dev/vuln/GO-2026-4867"
}
],
"release_date": "2026-04-08T01:06:56.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-24T02:38:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10219"
},
{
"category": "workaround",
"details": "To mitigate this issue, review code that performs memory copies or struct assignments. If data is being passed through an interface (such as \u0027any\u0027 or \u0027interface{}\u0027) just before a move operation, refactor the code to use concrete types or explicit pointers instead.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/compile: no-op interface conversion bypasses overlap checking"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-24T02:38:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10219"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-24T02:38:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10219"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-24T02:38:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10219"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.9-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.9-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.9-1.el9_7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:11514
Vulnerability from csaf_redhat - Published: 2026-04-29 08:11 - Updated: 2026-05-07 02:29Summary
Red Hat Security Advisory: grafana-pcp security update
Severity
Important
Notes
Topic: An update for grafana-pcp is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.
Security Fix(es):
* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11514
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11514
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11514
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for grafana-pcp is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.\n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11514",
"url": "https://access.redhat.com/errata/RHSA-2026:11514"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11514.json"
}
],
"title": "Red Hat Security Advisory: grafana-pcp security update",
"tracking": {
"current_release_date": "2026-05-07T02:29:02+00:00",
"generator": {
"date": "2026-05-07T02:29:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:11514",
"initial_release_date": "2026-04-29T08:11:59+00:00",
"revision_history": [
{
"date": "2026-04-29T08:11:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-29T08:11:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T02:29:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.1.1-14.el8_10.src",
"product": {
"name": "grafana-pcp-0:5.1.1-14.el8_10.src",
"product_id": "grafana-pcp-0:5.1.1-14.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.1.1-14.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"product": {
"name": "grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"product_id": "grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.1.1-14.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"product": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"product_id": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debugsource@5.1.1-14.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"product": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"product_id": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debuginfo@5.1.1-14.el8_10?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"product": {
"name": "grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"product_id": "grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.1.1-14.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"product": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"product_id": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debugsource@5.1.1-14.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"product": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"product_id": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debuginfo@5.1.1-14.el8_10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"product": {
"name": "grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"product_id": "grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.1.1-14.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64",
"product": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64",
"product_id": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debugsource@5.1.1-14.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"product": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"product_id": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debuginfo@5.1.1-14.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-pcp-0:5.1.1-14.el8_10.s390x",
"product": {
"name": "grafana-pcp-0:5.1.1-14.el8_10.s390x",
"product_id": "grafana-pcp-0:5.1.1-14.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp@5.1.1-14.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"product": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"product_id": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debugsource@5.1.1-14.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"product": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"product_id": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-pcp-debuginfo@5.1.1-14.el8_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.1.1-14.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.aarch64"
},
"product_reference": "grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.1.1-14.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.ppc64le"
},
"product_reference": "grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.1.1-14.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.s390x"
},
"product_reference": "grafana-pcp-0:5.1.1-14.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.1.1-14.el8_10.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.src"
},
"product_reference": "grafana-pcp-0:5.1.1-14.el8_10.src",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-0:5.1.1-14.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.x86_64"
},
"product_reference": "grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64"
},
"product_reference": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le"
},
"product_reference": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x"
},
"product_reference": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64"
},
"product_reference": "grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64"
},
"product_reference": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le"
},
"product_reference": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x"
},
"product_reference": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64"
},
"product_reference": "grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T08:11:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11514"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T08:11:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11514"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T08:11:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11514"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debuginfo-0:5.1.1-14.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:grafana-pcp-debugsource-0:5.1.1-14.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:14391
Vulnerability from csaf_redhat - Published: 2026-05-06 21:10 - Updated: 2026-05-07 02:29Summary
Red Hat Security Advisory: Red Hat build of Cryostat security update
Severity
Important
Notes
Topic: An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.
Security Fix(es):
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
* crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application (CVE-2026-33810)
* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:14391
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:14391
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:14391
A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.
8.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:14391
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.\n\nSecurity Fix(es):\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n* crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application (CVE-2026-33810)\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:14391",
"url": "https://access.redhat.com/errata/RHSA-2026:14391"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14391.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Cryostat security update",
"tracking": {
"current_release_date": "2026-05-07T02:29:06+00:00",
"generator": {
"date": "2026-05-07T02:29:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:14391",
"initial_release_date": "2026-05-06T21:10:06+00:00",
"revision_history": [
{
"date": "2026-05-06T21:10:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-06T21:10:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T02:29:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cryostat 4 on RHEL 9",
"product": {
"name": "Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cryostat:4::el9"
}
}
}
],
"category": "product_family",
"name": "Cryostat"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"product": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"product_id": "cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9\u0026tag=0.6.1-4"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"product": {
"name": "cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"product_id": "cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9\u0026tag=4.1.1-7"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"product": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"product_id": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9\u0026tag=4.1.1-5"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"product": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"product_id": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9\u0026tag=4.1.1-4"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"product": {
"name": "cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"product_id": "cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9\u0026tag=4.1.1-4"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"product": {
"name": "cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"product_id": "cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9\u0026tag=4.1.1-4"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"product": {
"name": "cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"product_id": "cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle\u0026tag=4.1.1-4"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"product": {
"name": "cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"product_id": "cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator\u0026tag=4.1.1-7"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64",
"product": {
"name": "cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64",
"product_id": "cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9\u0026tag=4.1.1-7"
}
}
},
{
"category": "product_version",
"name": "cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"product": {
"name": "cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"product_id": "cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9\u0026tag=4.1.1-4"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"product": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"product_id": "cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9\u0026tag=0.6.1-4"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"product": {
"name": "cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"product_id": "cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9\u0026tag=4.1.1-7"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"product": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"product_id": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9\u0026tag=4.1.1-5"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"product": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"product_id": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9\u0026tag=4.1.1-4"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"product": {
"name": "cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"product_id": "cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9\u0026tag=4.1.1-4"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"product": {
"name": "cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"product_id": "cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9\u0026tag=4.1.1-4"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"product": {
"name": "cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"product_id": "cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle\u0026tag=4.1.1-4"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"product": {
"name": "cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"product_id": "cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator\u0026tag=4.1.1-7"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"product": {
"name": "cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"product_id": "cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9\u0026tag=4.1.1-7"
}
}
},
{
"category": "product_version",
"name": "cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64",
"product": {
"name": "cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64",
"product_id": "cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9\u0026tag=4.1.1-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64"
},
"product_reference": "cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64"
},
"product_reference": "cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64"
},
"product_reference": "cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64"
},
"product_reference": "cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64"
},
"product_reference": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64"
},
"product_reference": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64"
},
"product_reference": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64"
},
"product_reference": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64"
},
"product_reference": "cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64"
},
"product_reference": "cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64"
},
"product_reference": "cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64"
},
"product_reference": "cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64"
},
"product_reference": "cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64"
},
"product_reference": "cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64"
},
"product_reference": "cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64"
},
"product_reference": "cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64"
},
"product_reference": "cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64"
},
"product_reference": "cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64"
},
"product_reference": "cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
},
"product_reference": "cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T21:10:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14391"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T21:10:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14391"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T21:10:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14391"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
},
{
"cve": "CVE-2026-33810",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-08T02:01:09.100830+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456335"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "RHBZ#2456335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://go.dev/cl/763763",
"url": "https://go.dev/cl/763763"
},
{
"category": "external",
"summary": "https://go.dev/issue/78332",
"url": "https://go.dev/issue/78332"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4866",
"url": "https://pkg.go.dev/vuln/GO-2026-4866"
}
],
"release_date": "2026-04-08T01:06:56.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T21:10:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14391"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f0b40e2312ae2659f9d0092a98488d7c5965ab33efe759ce78778b1b8173c5d6_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:f2aeac65f02f6d21b497972087a808104100b547d92ab1a5656d91b48262c97d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:231d5f0956e242c675b2f33df01d7a1fd9f44c9ee80f2b05731a60e0022e1483_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:8c6ca482631927526d6e8d1ca455cffc379d798c7d8d323c699e7ffc5ff44c88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:2e68b360df2e9532458e97127a16e10765c3e7bbe4842d6ad48febca834af1f2_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:e0092c9adc9bf671729ec2a4682f3c53f1f12a9fdf09edf5f5c4b65172e04742_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:03b2d5ec8747fa2984b4659b0d61c5dd67dd729c6957918752b8033a3e6f40ec_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:5d356babef136df86f11f77ec595d9e9cc9a7f246eeb458e062757e273a9e803_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:5479230ed1ace22b8f00141796326cae84a772b1b6f14f52a58366a9695266da_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:b2a02cd673f7dd96218aa92a11bb924eb4538060f77fb8e773d0f13f5bdec55f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:71ff61b5a765e62ef16bd633580dc9d49e8fcb46a68c3ee0e831d161b598956a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fb4b8f8338d6f3b7458ec9643d49175333a69d15650f026a1038836668f0c076_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b3c9c59b462a94d181b51ee7419c5e89618da06bb70d7905f7efeeca12e57c6b_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:c4a8388737cd5330176421462353b4253dcbf4c7dc963b644b5d122cda3022d1_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:548ef61d03e7b861bed4b2f86cb826add8fcf13251d34562a4ac78302eae9d88_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:6daca9dff828394e3181355526276fdc6448eace218fc3c30b63b992bee5424d_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95938fed3fcf7e786bcc418e5cc05999519336dd9b1ae26ac09b87d122244ce9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:95c41160b310ef0c54ddab4fd77dfaf02faf62de58d15b3a90b375c76226181c_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:914d1985a1944cf4c25530b67aad321e7a8d6f28cfb7793b703b69456deecf8a_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:965a1522fc45c8aeff07508ba9291919bd007318da0511ee2ed4e4c18190ec71_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application"
}
]
}
RHSA-2026:11711
Vulnerability from csaf_redhat - Published: 2026-04-29 13:32 - Updated: 2026-05-07 02:29Summary
Red Hat Security Advisory: grafana security update
Severity
Important
Notes
Topic: An update for grafana is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11711
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11711
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for grafana is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB \u0026 OpenTSDB. \n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11711",
"url": "https://access.redhat.com/errata/RHSA-2026:11711"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11711.json"
}
],
"title": "Red Hat Security Advisory: grafana security update",
"tracking": {
"current_release_date": "2026-05-07T02:29:02+00:00",
"generator": {
"date": "2026-05-07T02:29:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:11711",
"initial_release_date": "2026-04-29T13:32:55+00:00",
"revision_history": [
{
"date": "2026-04-29T13:32:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-29T13:32:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T02:29:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-21.el9_7.src",
"product": {
"name": "grafana-0:10.2.6-21.el9_7.src",
"product_id": "grafana-0:10.2.6-21.el9_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-21.el9_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-21.el9_7.aarch64",
"product": {
"name": "grafana-0:10.2.6-21.el9_7.aarch64",
"product_id": "grafana-0:10.2.6-21.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-21.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-21.el9_7.aarch64",
"product": {
"name": "grafana-selinux-0:10.2.6-21.el9_7.aarch64",
"product_id": "grafana-selinux-0:10.2.6-21.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-21.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-21.el9_7.aarch64",
"product": {
"name": "grafana-debugsource-0:10.2.6-21.el9_7.aarch64",
"product_id": "grafana-debugsource-0:10.2.6-21.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-21.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-21.el9_7.aarch64",
"product": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_7.aarch64",
"product_id": "grafana-debuginfo-0:10.2.6-21.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-21.el9_7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-21.el9_7.ppc64le",
"product": {
"name": "grafana-0:10.2.6-21.el9_7.ppc64le",
"product_id": "grafana-0:10.2.6-21.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-21.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-21.el9_7.ppc64le",
"product": {
"name": "grafana-selinux-0:10.2.6-21.el9_7.ppc64le",
"product_id": "grafana-selinux-0:10.2.6-21.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-21.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-21.el9_7.ppc64le",
"product": {
"name": "grafana-debugsource-0:10.2.6-21.el9_7.ppc64le",
"product_id": "grafana-debugsource-0:10.2.6-21.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-21.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le",
"product": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le",
"product_id": "grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-21.el9_7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-21.el9_7.x86_64",
"product": {
"name": "grafana-0:10.2.6-21.el9_7.x86_64",
"product_id": "grafana-0:10.2.6-21.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-21.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-21.el9_7.x86_64",
"product": {
"name": "grafana-selinux-0:10.2.6-21.el9_7.x86_64",
"product_id": "grafana-selinux-0:10.2.6-21.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-21.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-21.el9_7.x86_64",
"product": {
"name": "grafana-debugsource-0:10.2.6-21.el9_7.x86_64",
"product_id": "grafana-debugsource-0:10.2.6-21.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-21.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-21.el9_7.x86_64",
"product": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_7.x86_64",
"product_id": "grafana-debuginfo-0:10.2.6-21.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-21.el9_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-21.el9_7.s390x",
"product": {
"name": "grafana-0:10.2.6-21.el9_7.s390x",
"product_id": "grafana-0:10.2.6-21.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-21.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-21.el9_7.s390x",
"product": {
"name": "grafana-selinux-0:10.2.6-21.el9_7.s390x",
"product_id": "grafana-selinux-0:10.2.6-21.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-21.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-21.el9_7.s390x",
"product": {
"name": "grafana-debugsource-0:10.2.6-21.el9_7.s390x",
"product_id": "grafana-debugsource-0:10.2.6-21.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-21.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-21.el9_7.s390x",
"product": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_7.s390x",
"product_id": "grafana-debuginfo-0:10.2.6-21.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-21.el9_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-21.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.aarch64"
},
"product_reference": "grafana-0:10.2.6-21.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-21.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.ppc64le"
},
"product_reference": "grafana-0:10.2.6-21.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-21.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.s390x"
},
"product_reference": "grafana-0:10.2.6-21.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-21.el9_7.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.src"
},
"product_reference": "grafana-0:10.2.6-21.el9_7.src",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-21.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.x86_64"
},
"product_reference": "grafana-0:10.2.6-21.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.aarch64"
},
"product_reference": "grafana-debuginfo-0:10.2.6-21.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le"
},
"product_reference": "grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.s390x"
},
"product_reference": "grafana-debuginfo-0:10.2.6-21.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.x86_64"
},
"product_reference": "grafana-debuginfo-0:10.2.6-21.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-21.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.aarch64"
},
"product_reference": "grafana-debugsource-0:10.2.6-21.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-21.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.ppc64le"
},
"product_reference": "grafana-debugsource-0:10.2.6-21.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-21.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.s390x"
},
"product_reference": "grafana-debugsource-0:10.2.6-21.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-21.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.x86_64"
},
"product_reference": "grafana-debugsource-0:10.2.6-21.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-21.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.aarch64"
},
"product_reference": "grafana-selinux-0:10.2.6-21.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-21.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.ppc64le"
},
"product_reference": "grafana-selinux-0:10.2.6-21.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-21.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.s390x"
},
"product_reference": "grafana-selinux-0:10.2.6-21.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-21.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.x86_64"
},
"product_reference": "grafana-selinux-0:10.2.6-21.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T13:32:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11711"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T13:32:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11711"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.src",
"AppStream-9.7.0.Z.MAIN:grafana-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debuginfo-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-debugsource-0:10.2.6-21.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:grafana-selinux-0:10.2.6-21.el9_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:11712
Vulnerability from csaf_redhat - Published: 2026-04-29 13:13 - Updated: 2026-05-07 02:29Summary
Red Hat Security Advisory: grafana security update
Severity
Important
Notes
Topic: An update for grafana is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11712
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11712
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for grafana is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB \u0026 OpenTSDB. \n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11712",
"url": "https://access.redhat.com/errata/RHSA-2026:11712"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11712.json"
}
],
"title": "Red Hat Security Advisory: grafana security update",
"tracking": {
"current_release_date": "2026-05-07T02:29:04+00:00",
"generator": {
"date": "2026-05-07T02:29:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:11712",
"initial_release_date": "2026-04-29T13:13:50+00:00",
"revision_history": [
{
"date": "2026-04-29T13:13:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-29T13:13:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T02:29:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-25.el10_1.src",
"product": {
"name": "grafana-0:10.2.6-25.el10_1.src",
"product_id": "grafana-0:10.2.6-25.el10_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-25.el10_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-25.el10_1.aarch64",
"product": {
"name": "grafana-0:10.2.6-25.el10_1.aarch64",
"product_id": "grafana-0:10.2.6-25.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-25.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-25.el10_1.aarch64",
"product": {
"name": "grafana-selinux-0:10.2.6-25.el10_1.aarch64",
"product_id": "grafana-selinux-0:10.2.6-25.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-25.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-25.el10_1.aarch64",
"product": {
"name": "grafana-debugsource-0:10.2.6-25.el10_1.aarch64",
"product_id": "grafana-debugsource-0:10.2.6-25.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-25.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-25.el10_1.aarch64",
"product": {
"name": "grafana-debuginfo-0:10.2.6-25.el10_1.aarch64",
"product_id": "grafana-debuginfo-0:10.2.6-25.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-25.el10_1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-25.el10_1.ppc64le",
"product": {
"name": "grafana-0:10.2.6-25.el10_1.ppc64le",
"product_id": "grafana-0:10.2.6-25.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-25.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-25.el10_1.ppc64le",
"product": {
"name": "grafana-selinux-0:10.2.6-25.el10_1.ppc64le",
"product_id": "grafana-selinux-0:10.2.6-25.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-25.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-25.el10_1.ppc64le",
"product": {
"name": "grafana-debugsource-0:10.2.6-25.el10_1.ppc64le",
"product_id": "grafana-debugsource-0:10.2.6-25.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-25.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le",
"product": {
"name": "grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le",
"product_id": "grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-25.el10_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-25.el10_1.s390x",
"product": {
"name": "grafana-0:10.2.6-25.el10_1.s390x",
"product_id": "grafana-0:10.2.6-25.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-25.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-25.el10_1.s390x",
"product": {
"name": "grafana-selinux-0:10.2.6-25.el10_1.s390x",
"product_id": "grafana-selinux-0:10.2.6-25.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-25.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-25.el10_1.s390x",
"product": {
"name": "grafana-debugsource-0:10.2.6-25.el10_1.s390x",
"product_id": "grafana-debugsource-0:10.2.6-25.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-25.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-25.el10_1.s390x",
"product": {
"name": "grafana-debuginfo-0:10.2.6-25.el10_1.s390x",
"product_id": "grafana-debuginfo-0:10.2.6-25.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-25.el10_1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-25.el10_1.x86_64",
"product": {
"name": "grafana-0:10.2.6-25.el10_1.x86_64",
"product_id": "grafana-0:10.2.6-25.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-25.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-25.el10_1.x86_64",
"product": {
"name": "grafana-selinux-0:10.2.6-25.el10_1.x86_64",
"product_id": "grafana-selinux-0:10.2.6-25.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-25.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-25.el10_1.x86_64",
"product": {
"name": "grafana-debugsource-0:10.2.6-25.el10_1.x86_64",
"product_id": "grafana-debugsource-0:10.2.6-25.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-25.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-25.el10_1.x86_64",
"product": {
"name": "grafana-debuginfo-0:10.2.6-25.el10_1.x86_64",
"product_id": "grafana-debuginfo-0:10.2.6-25.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-25.el10_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-25.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.aarch64"
},
"product_reference": "grafana-0:10.2.6-25.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-25.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.ppc64le"
},
"product_reference": "grafana-0:10.2.6-25.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-25.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.s390x"
},
"product_reference": "grafana-0:10.2.6-25.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-25.el10_1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.src"
},
"product_reference": "grafana-0:10.2.6-25.el10_1.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-25.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.x86_64"
},
"product_reference": "grafana-0:10.2.6-25.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-25.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.aarch64"
},
"product_reference": "grafana-debuginfo-0:10.2.6-25.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le"
},
"product_reference": "grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-25.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.s390x"
},
"product_reference": "grafana-debuginfo-0:10.2.6-25.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-25.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.x86_64"
},
"product_reference": "grafana-debuginfo-0:10.2.6-25.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-25.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.aarch64"
},
"product_reference": "grafana-debugsource-0:10.2.6-25.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-25.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.ppc64le"
},
"product_reference": "grafana-debugsource-0:10.2.6-25.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-25.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.s390x"
},
"product_reference": "grafana-debugsource-0:10.2.6-25.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-25.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.x86_64"
},
"product_reference": "grafana-debugsource-0:10.2.6-25.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-25.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.aarch64"
},
"product_reference": "grafana-selinux-0:10.2.6-25.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-25.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.ppc64le"
},
"product_reference": "grafana-selinux-0:10.2.6-25.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-25.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.s390x"
},
"product_reference": "grafana-selinux-0:10.2.6-25.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-25.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.x86_64"
},
"product_reference": "grafana-selinux-0:10.2.6-25.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.src",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T13:13:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.src",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11712"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.src",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.src",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.src",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T13:13:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.src",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11712"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.src",
"AppStream-10.1.Z:grafana-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debuginfo-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-debugsource-0:10.2.6-25.el10_1.x86_64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.aarch64",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.ppc64le",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.s390x",
"AppStream-10.1.Z:grafana-selinux-0:10.2.6-25.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:11863
Vulnerability from csaf_redhat - Published: 2026-04-29 17:54 - Updated: 2026-05-07 02:29Summary
Red Hat Security Advisory: rhc-worker-playbook security update
Severity
Important
Notes
Topic: An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: A worker for yggdrasil that receives Ansible playbooks and executes them against the local host.
Security Fix(es):
* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11863
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11863
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A worker for yggdrasil that receives Ansible playbooks and executes them against the local host.\n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11863",
"url": "https://access.redhat.com/errata/RHSA-2026:11863"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11863.json"
}
],
"title": "Red Hat Security Advisory: rhc-worker-playbook security update",
"tracking": {
"current_release_date": "2026-05-07T02:29:04+00:00",
"generator": {
"date": "2026-05-07T02:29:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:11863",
"initial_release_date": "2026-04-29T17:54:26+00:00",
"revision_history": [
{
"date": "2026-04-29T17:54:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-29T17:54:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T02:29:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.src",
"product": {
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.src",
"product_id": "rhc-worker-playbook-0:0.2.3-5.el10_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook@0.2.3-5.el10_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64",
"product": {
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64",
"product_id": "rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook@0.2.3-5.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64",
"product": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64",
"product_id": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debugsource@0.2.3-5.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64",
"product": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64",
"product_id": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.2.3-5.el10_1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le",
"product": {
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le",
"product_id": "rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook@0.2.3-5.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le",
"product": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le",
"product_id": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debugsource@0.2.3-5.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le",
"product": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le",
"product_id": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.2.3-5.el10_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.s390x",
"product": {
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.s390x",
"product_id": "rhc-worker-playbook-0:0.2.3-5.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook@0.2.3-5.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x",
"product": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x",
"product_id": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debugsource@0.2.3-5.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x",
"product": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x",
"product_id": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.2.3-5.el10_1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64",
"product": {
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64",
"product_id": "rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook@0.2.3-5.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64",
"product": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64",
"product_id": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debugsource@0.2.3-5.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64",
"product": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64",
"product_id": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.2.3-5.el10_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64"
},
"product_reference": "rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le"
},
"product_reference": "rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.s390x"
},
"product_reference": "rhc-worker-playbook-0:0.2.3-5.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.src"
},
"product_reference": "rhc-worker-playbook-0:0.2.3-5.el10_1.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64"
},
"product_reference": "rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64"
},
"product_reference": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le"
},
"product_reference": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x"
},
"product_reference": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64"
},
"product_reference": "rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64"
},
"product_reference": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le"
},
"product_reference": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x"
},
"product_reference": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64"
},
"product_reference": "rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.src",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:54:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.src",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11863"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.src",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.src",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.src",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:54:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.src",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11863"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.src",
"AppStream-10.1.Z:rhc-worker-playbook-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debuginfo-0:0.2.3-5.el10_1.x86_64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.aarch64",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.ppc64le",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.s390x",
"AppStream-10.1.Z:rhc-worker-playbook-debugsource-0:0.2.3-5.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
cleanstart-2026-ac01087
Vulnerability from cleanstart
Published
2026-04-10 01:03
Modified
2026-04-09 09:55
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the gitness package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "gitness"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the gitness package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-AC01087",
"modified": "2026-04-09T09:55:12Z",
"published": "2026-04-10T01:03:59.042951Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-AC01087.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-30153"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33540"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35172"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4vq8-7jfc-9cvp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vrw8-fxc6-2r93"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30153"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33540"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35172"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-22868",
"CVE-2025-30153",
"CVE-2025-61726",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68119",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33540",
"CVE-2026-33810",
"CVE-2026-35172",
"ghsa-4vq8-7jfc-9cvp",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-vrw8-fxc6-2r93"
]
}
cleanstart-2026-lk73694
Vulnerability from cleanstart
Published
2026-04-14 00:43
Modified
2026-04-13 05:21
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the sealed-secrets package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "sealed-secrets"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.36.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the sealed-secrets package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LK73694",
"modified": "2026-04-13T05:21:32Z",
"published": "2026-04-14T00:43:42.897096Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LK73694.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33810"
]
}
cleanstart-2026-fb07695
Vulnerability from cleanstart
Published
2026-04-15 00:45
Modified
2026-04-14 11:38
Summary
When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint
Details
Multiple security vulnerabilities affect the velero-fips package. When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "velero-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.17.2-r5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the velero-fips package. When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FB07695",
"modified": "2026-04-14T11:38:13Z",
"published": "2026-04-15T00:45:38.848496Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FB07695.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39883",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-bz28794
Vulnerability from cleanstart
Published
2026-04-15 00:41
Modified
2026-04-14 10:03
Summary
Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service
Details
Multiple security vulnerabilities affect the aws-load-balancer-controller package. Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "aws-load-balancer-controller"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the aws-load-balancer-controller package. Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BZ28794",
"modified": "2026-04-14T10:03:45Z",
"published": "2026-04-15T00:41:09.072733Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BZ28794.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service",
"upstream": [
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283"
]
}
cleanstart-2026-gy48351
Vulnerability from cleanstart
Published
2026-04-30 00:53
Modified
2026-04-29 09:10
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GY48351",
"modified": "2026-04-29T09:10:13Z",
"published": "2026-04-30T00:53:26.601522Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GY48351.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8912"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2020-8912",
"CVE-2024-10005",
"CVE-2024-10006",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-24515",
"CVE-2026-25210",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-39883",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-6v2p-p543-phr9",
"ghsa-78h2-9frx-2jm8",
"ghsa-c6gw-w398-hv78",
"ghsa-fv92-fjc5-jj9h",
"ghsa-hcg3-q754-cr77",
"ghsa-hfvc-g4fc-pqhx",
"ghsa-jc7w-c686-c4v9",
"ghsa-mh63-6h87-95cp",
"ghsa-p77j-4mvh-x3m3",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-qxp5-gwg8-xv66",
"ghsa-vvgc-356p-c3xw",
"ghsa-w8rr-5gcm-pp58",
"ghsa-wjrx-6529-hcj3",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-jy63371
Vulnerability from cleanstart
Published
2026-04-10 00:45
Modified
2026-04-09 11:52
Summary
Delete function fails to properly validate offsets when processing malformed JSON input
Details
Multiple security vulnerabilities affect the prometheus package. The Delete function fails to properly validate offsets when processing malformed JSON input. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.5.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus package. The Delete function fails to properly validate offsets when processing malformed JSON input. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-JY63371",
"modified": "2026-04-09T11:52:13Z",
"published": "2026-04-10T00:45:58.478015Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JY63371.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Delete function fails to properly validate offsets when processing malformed JSON input",
"upstream": [
"CVE-2026-24051",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32285",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-39882",
"CVE-2026-39883"
]
}
cleanstart-2026-kc83705
Vulnerability from cleanstart
Published
2026-04-15 00:53
Modified
2026-04-14 09:04
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the tempo package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "tempo"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.9.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the tempo package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-KC83705",
"modified": "2026-04-14T09:04:57Z",
"published": "2026-04-15T00:53:10.163760Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-KC83705.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-11065"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-28377"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32287"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cfpf-hrx2-8rv6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11065"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28377"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32287"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-11065",
"CVE-2025-22868",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68119",
"CVE-2026-24051",
"CVE-2026-28377",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32287",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"ghsa-2464-8j7c-4cjm",
"ghsa-78h2-9frx-2jm8",
"ghsa-cfpf-hrx2-8rv6",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-fv92-fjc5-jj9h",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-p77j-4mvh-x3m3"
]
}
cleanstart-2026-do31246
Vulnerability from cleanstart
Published
2026-04-30 01:04
Modified
2026-04-29 07:38
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "terragrunt-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.95.1-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DO31246",
"modified": "2026-04-29T07:38:43Z",
"published": "2026-04-30T01:04:59.604515Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DO31246.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4660"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3xc5-wrhm-f963"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6g7g-w4f8-9c9x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-92mm-2pjq-r785"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4660"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32285",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-39882",
"CVE-2026-4660",
"ghsa-3xc5-wrhm-f963",
"ghsa-6g7g-w4f8-9c9x",
"ghsa-92mm-2pjq-r785",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-fw7p-63qq-7hpr",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-w8rr-5gcm-pp58"
]
}
cleanstart-2026-cr55131
Vulnerability from cleanstart
Published
2026-04-16 01:01
Modified
2026-04-15 04:54
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the kyverno-policy-reporter-kyverno-plugin-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kyverno-policy-reporter-kyverno-plugin-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.4-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kyverno-policy-reporter-kyverno-plugin-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CR55131",
"modified": "2026-04-15T04:54:42Z",
"published": "2026-04-16T01:01:17.387205Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CR55131.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61728",
"CVE-2025-61730",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33810"
]
}
cleanstart-2026-ng28268
Vulnerability from cleanstart
Published
2026-04-10 00:47
Modified
2026-04-09 11:52
Summary
gRPC-Go is the Go language implementation of gRPC
Details
Multiple security vulnerabilities affect the prometheus package. gRPC-Go is the Go language implementation of gRPC. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.5.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus package. gRPC-Go is the Go language implementation of gRPC. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NG28268",
"modified": "2026-04-09T11:52:13Z",
"published": "2026-04-10T00:47:58.418185Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NG28268.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "gRPC-Go is the Go language implementation of gRPC",
"upstream": [
"CVE-2026-24051",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-39882",
"CVE-2026-39883"
]
}
cleanstart-2026-dm93480
Vulnerability from cleanstart
Published
2026-04-10 01:06
Modified
2026-04-09 09:11
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the lvm-driver package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "lvm-driver"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the lvm-driver package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DM93480",
"modified": "2026-04-09T09:11:04Z",
"published": "2026-04-10T01:06:00.088585Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DM93480.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33540"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35172"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33540"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35172"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-22868",
"CVE-2025-47911",
"CVE-2025-58190",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33540",
"CVE-2026-33810",
"CVE-2026-35172"
]
}
cleanstart-2026-mp87020
Vulnerability from cleanstart
Published
2026-04-15 00:39
Modified
2026-04-14 11:37
Summary
If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources
Details
Multiple security vulnerabilities affect the karpenter package. If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "karpenter"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the karpenter package. If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MP87020",
"modified": "2026-04-14T11:37:13Z",
"published": "2026-04-15T00:39:08.262212Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MP87020.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources",
"upstream": [
"CVE-2026-25679",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283"
]
}
cleanstart-2026-dr81473
Vulnerability from cleanstart
Published
2026-04-16 00:55
Modified
2026-04-15 06:15
Summary
HashiCorp’s go-getter library up to v1
Details
Multiple security vulnerabilities affect the harbor-scanner-trivy-fips package. HashiCorp’s go-getter library up to v1. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "harbor-scanner-trivy-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.35.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the harbor-scanner-trivy-fips package. HashiCorp\u2019s go-getter library up to v1. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DR81473",
"modified": "2026-04-15T06:15:46Z",
"published": "2026-04-16T00:55:21.838513Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DR81473.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-29923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-54410"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4660"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54410"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4660"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "HashiCorp\u2019s go-getter library up to v1",
"upstream": [
"CVE-2025-15558",
"CVE-2025-29923",
"CVE-2025-54410",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33810",
"CVE-2026-39883",
"CVE-2026-4660",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-nx54250
Vulnerability from cleanstart
Published
2026-04-10 01:03
Modified
2026-04-09 09:59
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the gitness package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "gitness"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the gitness package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NX54250",
"modified": "2026-04-09T09:59:33Z",
"published": "2026-04-10T01:03:29.003448Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NX54250.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-30153"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33540"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35172"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4vq8-7jfc-9cvp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vrw8-fxc6-2r93"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30153"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33540"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35172"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-22868",
"CVE-2025-30153",
"CVE-2025-61726",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68119",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33540",
"CVE-2026-33810",
"CVE-2026-35172",
"ghsa-4vq8-7jfc-9cvp",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-vrw8-fxc6-2r93"
]
}
cleanstart-2026-hq88036
Vulnerability from cleanstart
Published
2026-04-30 01:00
Modified
2026-04-29 07:41
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "terragrunt-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.96.1-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HQ88036",
"modified": "2026-04-29T07:41:49Z",
"published": "2026-04-30T01:00:58.604637Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HQ88036.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4660"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3xc5-wrhm-f963"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6g7g-w4f8-9c9x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-92mm-2pjq-r785"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4660"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32285",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-4660",
"ghsa-3xc5-wrhm-f963",
"ghsa-6g7g-w4f8-9c9x",
"ghsa-78h2-9frx-2jm8",
"ghsa-92mm-2pjq-r785",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-fw7p-63qq-7hpr",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-w8rr-5gcm-pp58",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-cn84623
Vulnerability from cleanstart
Published
2026-04-30 00:53
Modified
2026-04-29 09:12
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CN84623",
"modified": "2026-04-29T09:12:44Z",
"published": "2026-04-30T00:53:26.653377Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CN84623.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8912"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2020-8912",
"CVE-2024-10005",
"CVE-2024-10006",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-24515",
"CVE-2026-25210",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-39883",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-6v2p-p543-phr9",
"ghsa-78h2-9frx-2jm8",
"ghsa-c6gw-w398-hv78",
"ghsa-fv92-fjc5-jj9h",
"ghsa-hcg3-q754-cr77",
"ghsa-hfvc-g4fc-pqhx",
"ghsa-jc7w-c686-c4v9",
"ghsa-mh63-6h87-95cp",
"ghsa-p77j-4mvh-x3m3",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-qxp5-gwg8-xv66",
"ghsa-vvgc-356p-c3xw",
"ghsa-w8rr-5gcm-pp58",
"ghsa-wjrx-6529-hcj3",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-cd13174
Vulnerability from cleanstart
Published
2026-04-10 00:49
Modified
2026-04-09 11:52
Summary
gRPC-Go is the Go language implementation of gRPC
Details
Multiple security vulnerabilities affect the prometheus package. gRPC-Go is the Go language implementation of gRPC. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.5.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus package. gRPC-Go is the Go language implementation of gRPC. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CD13174",
"modified": "2026-04-09T11:52:13Z",
"published": "2026-04-10T00:49:58.731115Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CD13174.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "gRPC-Go is the Go language implementation of gRPC",
"upstream": [
"CVE-2026-24051",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-39882",
"CVE-2026-39883"
]
}
cleanstart-2026-fh63386
Vulnerability from cleanstart
Published
2026-04-14 00:44
Modified
2026-04-13 10:06
Summary
When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint
Details
Multiple security vulnerabilities affect the sealed-secrets package. When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "sealed-secrets"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.35.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the sealed-secrets package. When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FH63386",
"modified": "2026-04-13T10:06:48Z",
"published": "2026-04-14T00:44:12.807187Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FH63386.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint",
"upstream": [
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33810"
]
}
cleanstart-2026-bm53321
Vulnerability from cleanstart
Published
2026-04-10 00:51
Modified
2026-04-09 11:53
Summary
attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing
Details
Multiple security vulnerabilities affect the kube-state-metrics package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-state-metrics"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.16.0-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kube-state-metrics package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BM53321",
"modified": "2026-04-09T11:53:35Z",
"published": "2026-04-10T00:51:58.426076Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BM53321.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing",
"upstream": [
"CVE-2025-22868",
"CVE-2025-47911",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-58190",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186"
]
}
cleanstart-2026-kt28044
Vulnerability from cleanstart
Published
2026-04-30 01:03
Modified
2026-04-29 07:43
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "terragrunt-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.97.2-r6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-KT28044",
"modified": "2026-04-29T07:43:21Z",
"published": "2026-04-30T01:03:26.906365Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-KT28044.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4660"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3xc5-wrhm-f963"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6g7g-w4f8-9c9x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-92mm-2pjq-r785"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4660"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-4660",
"ghsa-3xc5-wrhm-f963",
"ghsa-6g7g-w4f8-9c9x",
"ghsa-92mm-2pjq-r785",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-fw7p-63qq-7hpr",
"ghsa-p77j-4mvh-x3m3",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-w8rr-5gcm-pp58",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-bb70412
Vulnerability from cleanstart
Published
2026-04-22 00:41
Modified
2026-04-21 09:28
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "percona-xtradb-cluster-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.0-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BB70412",
"modified": "2026-04-21T09:28:36Z",
"published": "2026-04-22T00:41:59.291167Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BB70412.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25518"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pc3f-x583-g7j2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25518"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61728",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-25518",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33810",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-pc3f-x583-g7j2"
]
}
cleanstart-2026-jz43336
Vulnerability from cleanstart
Published
2026-04-16 00:45
Modified
2026-04-15 09:24
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the percona-xtradb-cluster-operator package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "percona-xtradb-cluster-operator"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.19.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the percona-xtradb-cluster-operator package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-JZ43336",
"modified": "2026-04-15T09:24:00Z",
"published": "2026-04-16T00:45:49.932786Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JZ43336.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33810",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x"
]
}
cleanstart-2026-ng75665
Vulnerability from cleanstart
Published
2026-04-10 00:56
Modified
2026-04-09 11:53
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the kube-state-metrics package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-state-metrics"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.16.0-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kube-state-metrics package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NG75665",
"modified": "2026-04-09T11:53:35Z",
"published": "2026-04-10T00:56:28.527348Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NG75665.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-47911",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-58190",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186"
]
}
cleanstart-2026-mi12470
Vulnerability from cleanstart
Published
2026-04-30 00:49
Modified
2026-04-29 09:05
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MI12470",
"modified": "2026-04-29T09:05:33Z",
"published": "2026-04-30T00:49:56.616377Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MI12470.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-39883",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-6v2p-p543-phr9",
"ghsa-78h2-9frx-2jm8",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-c6gw-w398-hv78",
"ghsa-fv92-fjc5-jj9h",
"ghsa-hcg3-q754-cr77",
"ghsa-hfvc-g4fc-pqhx",
"ghsa-jc7w-c686-c4v9",
"ghsa-mh63-6h87-95cp",
"ghsa-qxp5-gwg8-xv66",
"ghsa-vvgc-356p-c3xw",
"ghsa-w8rr-5gcm-pp58",
"ghsa-wjrx-6529-hcj3",
"ghsa-xmrv-pmrh-hhx2"
]
}
GHSA-JRG3-GFJW-HM96
Vulnerability from github – Published: 2026-04-08 03:32 – Updated: 2026-04-13 21:30
VLAI?
Details
If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2026-32283"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-08T02:16:03Z",
"severity": "HIGH"
},
"details": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.",
"id": "GHSA-jrg3-gfjw-hm96",
"modified": "2026-04-13T21:30:33Z",
"published": "2026-04-08T03:32:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://go.dev/cl/763767"
},
{
"type": "WEB",
"url": "https://go.dev/issue/78334"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
alsa-2026:14200
Vulnerability from osv_almalinux
Published
2026-05-06 00:00
Modified
2026-05-06 21:14
Summary
Important: git-lfs security update
Details
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server.
Security Fix(es):
- golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
- crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
- crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "git-lfs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.1-8.el9_7.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. \n\nSecurity Fix(es): \n\n * golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n * crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n * crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:14200",
"modified": "2026-05-06T21:14:42Z",
"published": "2026-05-06T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:14200"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2456336"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2456338"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2456339"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2026-14200.html"
}
],
"related": [
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32280"
],
"summary": "Important: git-lfs security update"
}
MSRC_CVE-2026-32283
Vulnerability from csaf_microsoft - Published: 2026-04-02 00:00 - Updated: 2026-04-30 01:52Summary
Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
None Available
There is no fix available for this vulnerability as of now
None Available
There is no fix available for this vulnerability as of now
None Available
There is no fix available for this vulnerability as of now
None Available
There is no fix available for this vulnerability as of now
None Available
There is no fix available for this vulnerability as of now
None Available
There is no fix available for this vulnerability as of now
None Available
There is no fix available for this vulnerability as of now
References
| URL | Category | |
|---|---|---|
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-32283 Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-32283.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls",
"tracking": {
"current_release_date": "2026-04-30T01:52:10.000Z",
"generator": {
"date": "2026-04-30T08:42:48.208Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-32283",
"initial_release_date": "2026-04-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-04-11T01:07:52.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-04-14T14:46:48.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-04-15T01:47:16.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
},
{
"date": "2026-04-30T01:52:10.000Z",
"legacy_version": "4",
"number": "4",
"summary": "Information published."
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 golang 0:1.18.8-10.cbl2",
"product": {
"name": "cbl2 golang 0:1.18.8-10.cbl2",
"product_id": "8"
}
},
{
"category": "product_version_range",
"name": "cbl2 golang 0:1.22.7-5.cbl2",
"product": {
"name": "cbl2 golang 0:1.22.7-5.cbl2",
"product_id": "9"
}
},
{
"category": "product_version_range",
"name": "azl3 golang 0:1.25.8-1.azl3",
"product": {
"name": "azl3 golang 0:1.25.8-1.azl3",
"product_id": "5"
}
},
{
"category": "product_version_range",
"name": "azl3 golang 0:1.26.1-1.azl3",
"product": {
"name": "azl3 golang 0:1.26.1-1.azl3",
"product_id": "4"
}
},
{
"category": "product_version_range",
"name": "azl3 golang 0:1.25.9-1.azl3",
"product": {
"name": "azl3 golang 0:1.25.9-1.azl3",
"product_id": "2"
}
},
{
"category": "product_version_range",
"name": "azl3 golang 0:1.26.2-1.azl3",
"product": {
"name": "azl3 golang 0:1.26.2-1.azl3",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "golang"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 msft-golang 0:1.25.8-1.cbl2",
"product": {
"name": "cbl2 msft-golang 0:1.25.8-1.cbl2",
"product_id": "3"
}
}
],
"category": "product_name",
"name": "msft-golang"
},
{
"category": "product_name",
"name": "cbl2 gcc 0:11.2.0-9.cbl2",
"product": {
"name": "cbl2 gcc 0:11.2.0-9.cbl2",
"product_id": "7"
}
},
{
"category": "product_name",
"name": "azl3 gcc 0:13.2.0-7.azl3",
"product": {
"name": "azl3 gcc 0:13.2.0-7.azl3",
"product_id": "13"
}
},
{
"category": "product_name",
"name": "cbl2 python-tensorboard 0:2.11.0-3.cbl2",
"product": {
"name": "cbl2 python-tensorboard 0:2.11.0-3.cbl2",
"product_id": "10"
}
},
{
"category": "product_name",
"name": "azl3 python-tensorboard 0:2.16.2-6.azl3",
"product": {
"name": "azl3 python-tensorboard 0:2.16.2-6.azl3",
"product_id": "11"
}
},
{
"category": "product_name",
"name": "cbl2 tensorflow 0:2.11.1-2.cbl2",
"product": {
"name": "cbl2 tensorflow 0:2.11.1-2.cbl2",
"product_id": "12"
}
},
{
"category": "product_name",
"name": "azl3 tensorflow 0:2.16.1-11.azl3",
"product": {
"name": "azl3 tensorflow 0:2.16.1-11.azl3",
"product_id": "6"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 gcc 0:11.2.0-9.cbl2 as a component of CBL Mariner 2.0",
"product_id": "17086-7"
},
"product_reference": "7",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 gcc 0:13.2.0-7.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-13"
},
"product_reference": "13",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 golang 0:1.18.8-10.cbl2 as a component of CBL Mariner 2.0",
"product_id": "17086-8"
},
"product_reference": "8",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 golang 0:1.22.7-5.cbl2 as a component of CBL Mariner 2.0",
"product_id": "17086-9"
},
"product_reference": "9",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 golang 0:1.25.8-1.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-5"
},
"product_reference": "5",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 golang 0:1.26.1-1.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-4"
},
"product_reference": "4",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 msft-golang 0:1.25.8-1.cbl2 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 python-tensorboard 0:2.11.0-3.cbl2 as a component of CBL Mariner 2.0",
"product_id": "17086-10"
},
"product_reference": "10",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-tensorboard 0:2.16.2-6.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-11"
},
"product_reference": "11",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 tensorflow 0:2.11.1-2.cbl2 as a component of CBL Mariner 2.0",
"product_id": "17086-12"
},
"product_reference": "12",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 tensorflow 0:2.16.1-11.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-6"
},
"product_reference": "6",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 golang 0:1.25.9-1.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 golang 0:1.26.2-1.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32283",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17086-7",
"17084-13",
"17086-10",
"17084-11",
"17086-12",
"17084-6"
]
}
],
"notes": [
{
"category": "general",
"text": "Go",
"title": "Assigning CNA"
}
],
"product_status": {
"known_affected": [
"17086-8",
"17086-9",
"17084-5",
"17084-4",
"17086-3",
"17084-2",
"17084-1"
],
"known_not_affected": [
"17086-7",
"17084-13",
"17086-10",
"17084-11",
"17086-12",
"17084-6"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-32283 Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-32283.json"
}
],
"remediations": [
{
"category": "none_available",
"date": "2026-04-11T01:07:52.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-8"
]
},
{
"category": "none_available",
"date": "2026-04-11T01:07:52.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-9"
]
},
{
"category": "none_available",
"date": "2026-04-11T01:07:52.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-5"
]
},
{
"category": "none_available",
"date": "2026-04-11T01:07:52.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-4"
]
},
{
"category": "none_available",
"date": "2026-04-11T01:07:52.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-3"
]
},
{
"category": "none_available",
"date": "2026-04-11T01:07:52.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-2"
]
},
{
"category": "none_available",
"date": "2026-04-11T01:07:52.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-1"
]
}
],
"title": "Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls"
}
]
}
SUSE-SU-2026:21355-1
Vulnerability from csaf_suse - Published: 2026-04-20 13:54 - Updated: 2026-04-20 13:54Summary
Security update for go1.25
Severity
Important
Notes
Title of the patch: Security update for go1.25
Description of the patch: This update for go1.25 fixes the following issues:
- Update to version go1.25.9 (bsc#1244485).
- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).
- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).
- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).
- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).
- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).
- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).
- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).
- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).
- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).
Patchnames: SUSE-SLES-16.0-594
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.25",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.25 fixes the following issues:\n\n- Update to version go1.25.9 (bsc#1244485).\n- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).\n- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).\n- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).\n- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).\n- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).\n- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).\n- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).\n- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).\n- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-594",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21355-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21355-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621355-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21355-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/046086.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244485",
"url": "https://bugzilla.suse.com/1244485"
},
{
"category": "self",
"summary": "SUSE Bug 1261653",
"url": "https://bugzilla.suse.com/1261653"
},
{
"category": "self",
"summary": "SUSE Bug 1261654",
"url": "https://bugzilla.suse.com/1261654"
},
{
"category": "self",
"summary": "SUSE Bug 1261655",
"url": "https://bugzilla.suse.com/1261655"
},
{
"category": "self",
"summary": "SUSE Bug 1261656",
"url": "https://bugzilla.suse.com/1261656"
},
{
"category": "self",
"summary": "SUSE Bug 1261657",
"url": "https://bugzilla.suse.com/1261657"
},
{
"category": "self",
"summary": "SUSE Bug 1261658",
"url": "https://bugzilla.suse.com/1261658"
},
{
"category": "self",
"summary": "SUSE Bug 1261659",
"url": "https://bugzilla.suse.com/1261659"
},
{
"category": "self",
"summary": "SUSE Bug 1261660",
"url": "https://bugzilla.suse.com/1261660"
},
{
"category": "self",
"summary": "SUSE Bug 1261661",
"url": "https://bugzilla.suse.com/1261661"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27140 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27143 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32280 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32281 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32282 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32283 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32288 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32289 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32289/"
}
],
"title": "Security update for go1.25",
"tracking": {
"current_release_date": "2026-04-20T13:54:28Z",
"generator": {
"date": "2026-04-20T13:54:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21355-1",
"initial_release_date": "2026-04-20T13:54:28Z",
"revision_history": [
{
"date": "2026-04-20T13:54:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-160000.1.1.aarch64",
"product": {
"name": "go1.25-1.25.9-160000.1.1.aarch64",
"product_id": "go1.25-1.25.9-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-160000.1.1.aarch64",
"product": {
"name": "go1.25-doc-1.25.9-160000.1.1.aarch64",
"product_id": "go1.25-doc-1.25.9-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.9-160000.1.1.aarch64",
"product": {
"name": "go1.25-libstd-1.25.9-160000.1.1.aarch64",
"product_id": "go1.25-libstd-1.25.9-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.9-160000.1.1.aarch64",
"product": {
"name": "go1.25-race-1.25.9-160000.1.1.aarch64",
"product_id": "go1.25-race-1.25.9-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-160000.1.1.ppc64le",
"product": {
"name": "go1.25-1.25.9-160000.1.1.ppc64le",
"product_id": "go1.25-1.25.9-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-160000.1.1.ppc64le",
"product": {
"name": "go1.25-doc-1.25.9-160000.1.1.ppc64le",
"product_id": "go1.25-doc-1.25.9-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.9-160000.1.1.ppc64le",
"product": {
"name": "go1.25-race-1.25.9-160000.1.1.ppc64le",
"product_id": "go1.25-race-1.25.9-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-160000.1.1.s390x",
"product": {
"name": "go1.25-1.25.9-160000.1.1.s390x",
"product_id": "go1.25-1.25.9-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-160000.1.1.s390x",
"product": {
"name": "go1.25-doc-1.25.9-160000.1.1.s390x",
"product_id": "go1.25-doc-1.25.9-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.9-160000.1.1.s390x",
"product": {
"name": "go1.25-race-1.25.9-160000.1.1.s390x",
"product_id": "go1.25-race-1.25.9-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-160000.1.1.x86_64",
"product": {
"name": "go1.25-1.25.9-160000.1.1.x86_64",
"product_id": "go1.25-1.25.9-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-160000.1.1.x86_64",
"product": {
"name": "go1.25-doc-1.25.9-160000.1.1.x86_64",
"product_id": "go1.25-doc-1.25.9-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.9-160000.1.1.x86_64",
"product": {
"name": "go1.25-libstd-1.25.9-160000.1.1.x86_64",
"product_id": "go1.25-libstd-1.25.9-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.9-160000.1.1.x86_64",
"product": {
"name": "go1.25-race-1.25.9-160000.1.1.x86_64",
"product_id": "go1.25-race-1.25.9-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64"
},
"product_reference": "go1.25-1.25.9-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le"
},
"product_reference": "go1.25-1.25.9-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x"
},
"product_reference": "go1.25-1.25.9-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64"
},
"product_reference": "go1.25-1.25.9-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.9-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.9-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x"
},
"product_reference": "go1.25-doc-1.25.9-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.9-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64"
},
"product_reference": "go1.25-libstd-1.25.9-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.9-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64"
},
"product_reference": "go1.25-libstd-1.25.9-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64"
},
"product_reference": "go1.25-race-1.25.9-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.9-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x"
},
"product_reference": "go1.25-race-1.25.9-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64"
},
"product_reference": "go1.25-1.25.9-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le"
},
"product_reference": "go1.25-1.25.9-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x"
},
"product_reference": "go1.25-1.25.9-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64"
},
"product_reference": "go1.25-1.25.9-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.9-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.9-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x"
},
"product_reference": "go1.25-doc-1.25.9-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.9-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64"
},
"product_reference": "go1.25-libstd-1.25.9-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.9-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64"
},
"product_reference": "go1.25-libstd-1.25.9-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64"
},
"product_reference": "go1.25-race-1.25.9-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.9-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x"
},
"product_reference": "go1.25-race-1.25.9-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27140"
}
],
"notes": [
{
"category": "general",
"text": "SWIG file names containing \u0027cgo\u0027 and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27140",
"url": "https://www.suse.com/security/cve/CVE-2026-27140"
},
{
"category": "external",
"summary": "SUSE Bug 1261653 for CVE-2026-27140",
"url": "https://bugzilla.suse.com/1261653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T13:54:28Z",
"details": "important"
}
],
"title": "CVE-2026-27140"
},
{
"cve": "CVE-2026-27143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27143"
}
],
"notes": [
{
"category": "general",
"text": "Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27143",
"url": "https://www.suse.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "SUSE Bug 1261654 for CVE-2026-27143",
"url": "https://bugzilla.suse.com/1261654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T13:54:28Z",
"details": "important"
}
],
"title": "CVE-2026-27143"
},
{
"cve": "CVE-2026-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27144"
}
],
"notes": [
{
"category": "general",
"text": "The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27144",
"url": "https://www.suse.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1261655 for CVE-2026-27144",
"url": "https://bugzilla.suse.com/1261655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T13:54:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-27144"
},
{
"cve": "CVE-2026-32280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32280"
}
],
"notes": [
{
"category": "general",
"text": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32280",
"url": "https://www.suse.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "SUSE Bug 1261656 for CVE-2026-32280",
"url": "https://bugzilla.suse.com/1261656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T13:54:28Z",
"details": "important"
}
],
"title": "CVE-2026-32280"
},
{
"cve": "CVE-2026-32281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32281"
}
],
"notes": [
{
"category": "general",
"text": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32281",
"url": "https://www.suse.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "SUSE Bug 1261657 for CVE-2026-32281",
"url": "https://bugzilla.suse.com/1261657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T13:54:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-32281"
},
{
"cve": "CVE-2026-32282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32282"
}
],
"notes": [
{
"category": "general",
"text": "On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32282",
"url": "https://www.suse.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "SUSE Bug 1261658 for CVE-2026-32282",
"url": "https://bugzilla.suse.com/1261658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T13:54:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-32282"
},
{
"cve": "CVE-2026-32283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32283"
}
],
"notes": [
{
"category": "general",
"text": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32283",
"url": "https://www.suse.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "SUSE Bug 1261659 for CVE-2026-32283",
"url": "https://bugzilla.suse.com/1261659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T13:54:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-32283"
},
{
"cve": "CVE-2026-32288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32288"
}
],
"notes": [
{
"category": "general",
"text": "tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the \"old GNU sparse map\" format.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32288",
"url": "https://www.suse.com/security/cve/CVE-2026-32288"
},
{
"category": "external",
"summary": "SUSE Bug 1261660 for CVE-2026-32288",
"url": "https://bugzilla.suse.com/1261660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T13:54:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-32288"
},
{
"cve": "CVE-2026-32289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32289"
}
],
"notes": [
{
"category": "general",
"text": "Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being applied. These issues could cause actions within JS template literals to be incorrectly or improperly escaped, leading to XSS vulnerabilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32289",
"url": "https://www.suse.com/security/cve/CVE-2026-32289"
},
{
"category": "external",
"summary": "SUSE Bug 1261661 for CVE-2026-32289",
"url": "https://bugzilla.suse.com/1261661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.9-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.9-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T13:54:28Z",
"details": "moderate"
}
],
"title": "CVE-2026-32289"
}
]
}
SUSE-SU-2026:21356-1
Vulnerability from csaf_suse - Published: 2026-04-20 14:00 - Updated: 2026-04-20 14:00Summary
Security update for go1.26
Severity
Important
Notes
Title of the patch: Security update for go1.26
Description of the patch: This update for go1.26 fixes the following issues:
- Update to version go1.26.2 (bsc#1255111).
- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).
- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).
- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).
- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).
- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).
- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).
- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).
- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).
- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).
- CVE-2026-33810: crypto/x509: excluded DNS constraints not properly applied to wildcard domains (bsc#1261662).
Patchnames: SUSE-SLES-16.0-595
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.26",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.26 fixes the following issues:\n\n- Update to version go1.26.2 (bsc#1255111).\n- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).\n- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).\n- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).\n- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).\n- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).\n- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).\n- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).\n- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).\n- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).\n- CVE-2026-33810: crypto/x509: excluded DNS constraints not properly applied to wildcard domains (bsc#1261662).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-595",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21356-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21356-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621356-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21356-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/046085.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255111",
"url": "https://bugzilla.suse.com/1255111"
},
{
"category": "self",
"summary": "SUSE Bug 1261653",
"url": "https://bugzilla.suse.com/1261653"
},
{
"category": "self",
"summary": "SUSE Bug 1261654",
"url": "https://bugzilla.suse.com/1261654"
},
{
"category": "self",
"summary": "SUSE Bug 1261655",
"url": "https://bugzilla.suse.com/1261655"
},
{
"category": "self",
"summary": "SUSE Bug 1261656",
"url": "https://bugzilla.suse.com/1261656"
},
{
"category": "self",
"summary": "SUSE Bug 1261657",
"url": "https://bugzilla.suse.com/1261657"
},
{
"category": "self",
"summary": "SUSE Bug 1261658",
"url": "https://bugzilla.suse.com/1261658"
},
{
"category": "self",
"summary": "SUSE Bug 1261659",
"url": "https://bugzilla.suse.com/1261659"
},
{
"category": "self",
"summary": "SUSE Bug 1261660",
"url": "https://bugzilla.suse.com/1261660"
},
{
"category": "self",
"summary": "SUSE Bug 1261661",
"url": "https://bugzilla.suse.com/1261661"
},
{
"category": "self",
"summary": "SUSE Bug 1261662",
"url": "https://bugzilla.suse.com/1261662"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27140 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27143 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32280 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32281 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32282 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32283 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32288 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32289 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33810 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33810/"
}
],
"title": "Security update for go1.26",
"tracking": {
"current_release_date": "2026-04-20T14:00:06Z",
"generator": {
"date": "2026-04-20T14:00:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21356-1",
"initial_release_date": "2026-04-20T14:00:06Z",
"revision_history": [
{
"date": "2026-04-20T14:00:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.2-160000.1.1.aarch64",
"product": {
"name": "go1.26-1.26.2-160000.1.1.aarch64",
"product_id": "go1.26-1.26.2-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.2-160000.1.1.aarch64",
"product": {
"name": "go1.26-doc-1.26.2-160000.1.1.aarch64",
"product_id": "go1.26-doc-1.26.2-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-libstd-1.26.2-160000.1.1.aarch64",
"product": {
"name": "go1.26-libstd-1.26.2-160000.1.1.aarch64",
"product_id": "go1.26-libstd-1.26.2-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.2-160000.1.1.aarch64",
"product": {
"name": "go1.26-race-1.26.2-160000.1.1.aarch64",
"product_id": "go1.26-race-1.26.2-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.2-160000.1.1.ppc64le",
"product": {
"name": "go1.26-1.26.2-160000.1.1.ppc64le",
"product_id": "go1.26-1.26.2-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.2-160000.1.1.ppc64le",
"product": {
"name": "go1.26-doc-1.26.2-160000.1.1.ppc64le",
"product_id": "go1.26-doc-1.26.2-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.2-160000.1.1.ppc64le",
"product": {
"name": "go1.26-race-1.26.2-160000.1.1.ppc64le",
"product_id": "go1.26-race-1.26.2-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.2-160000.1.1.s390x",
"product": {
"name": "go1.26-1.26.2-160000.1.1.s390x",
"product_id": "go1.26-1.26.2-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.2-160000.1.1.s390x",
"product": {
"name": "go1.26-doc-1.26.2-160000.1.1.s390x",
"product_id": "go1.26-doc-1.26.2-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.2-160000.1.1.s390x",
"product": {
"name": "go1.26-race-1.26.2-160000.1.1.s390x",
"product_id": "go1.26-race-1.26.2-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.2-160000.1.1.x86_64",
"product": {
"name": "go1.26-1.26.2-160000.1.1.x86_64",
"product_id": "go1.26-1.26.2-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.2-160000.1.1.x86_64",
"product": {
"name": "go1.26-doc-1.26.2-160000.1.1.x86_64",
"product_id": "go1.26-doc-1.26.2-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-libstd-1.26.2-160000.1.1.x86_64",
"product": {
"name": "go1.26-libstd-1.26.2-160000.1.1.x86_64",
"product_id": "go1.26-libstd-1.26.2-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.2-160000.1.1.x86_64",
"product": {
"name": "go1.26-race-1.26.2-160000.1.1.x86_64",
"product_id": "go1.26-race-1.26.2-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64"
},
"product_reference": "go1.26-1.26.2-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le"
},
"product_reference": "go1.26-1.26.2-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x"
},
"product_reference": "go1.26-1.26.2-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64"
},
"product_reference": "go1.26-1.26.2-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.2-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.2-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x"
},
"product_reference": "go1.26-doc-1.26.2-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-libstd-1.26.2-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64"
},
"product_reference": "go1.26-libstd-1.26.2-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-libstd-1.26.2-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64"
},
"product_reference": "go1.26-libstd-1.26.2-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64"
},
"product_reference": "go1.26-race-1.26.2-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.2-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x"
},
"product_reference": "go1.26-race-1.26.2-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64"
},
"product_reference": "go1.26-1.26.2-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le"
},
"product_reference": "go1.26-1.26.2-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x"
},
"product_reference": "go1.26-1.26.2-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64"
},
"product_reference": "go1.26-1.26.2-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.2-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.2-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x"
},
"product_reference": "go1.26-doc-1.26.2-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-libstd-1.26.2-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64"
},
"product_reference": "go1.26-libstd-1.26.2-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-libstd-1.26.2-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64"
},
"product_reference": "go1.26-libstd-1.26.2-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64"
},
"product_reference": "go1.26-race-1.26.2-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.2-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x"
},
"product_reference": "go1.26-race-1.26.2-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27140"
}
],
"notes": [
{
"category": "general",
"text": "SWIG file names containing \u0027cgo\u0027 and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27140",
"url": "https://www.suse.com/security/cve/CVE-2026-27140"
},
{
"category": "external",
"summary": "SUSE Bug 1261653 for CVE-2026-27140",
"url": "https://bugzilla.suse.com/1261653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T14:00:06Z",
"details": "important"
}
],
"title": "CVE-2026-27140"
},
{
"cve": "CVE-2026-27143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27143"
}
],
"notes": [
{
"category": "general",
"text": "Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27143",
"url": "https://www.suse.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "SUSE Bug 1261654 for CVE-2026-27143",
"url": "https://bugzilla.suse.com/1261654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T14:00:06Z",
"details": "important"
}
],
"title": "CVE-2026-27143"
},
{
"cve": "CVE-2026-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27144"
}
],
"notes": [
{
"category": "general",
"text": "The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27144",
"url": "https://www.suse.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1261655 for CVE-2026-27144",
"url": "https://bugzilla.suse.com/1261655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T14:00:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-27144"
},
{
"cve": "CVE-2026-32280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32280"
}
],
"notes": [
{
"category": "general",
"text": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32280",
"url": "https://www.suse.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "SUSE Bug 1261656 for CVE-2026-32280",
"url": "https://bugzilla.suse.com/1261656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T14:00:06Z",
"details": "important"
}
],
"title": "CVE-2026-32280"
},
{
"cve": "CVE-2026-32281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32281"
}
],
"notes": [
{
"category": "general",
"text": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32281",
"url": "https://www.suse.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "SUSE Bug 1261657 for CVE-2026-32281",
"url": "https://bugzilla.suse.com/1261657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T14:00:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-32281"
},
{
"cve": "CVE-2026-32282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32282"
}
],
"notes": [
{
"category": "general",
"text": "On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32282",
"url": "https://www.suse.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "SUSE Bug 1261658 for CVE-2026-32282",
"url": "https://bugzilla.suse.com/1261658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T14:00:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-32282"
},
{
"cve": "CVE-2026-32283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32283"
}
],
"notes": [
{
"category": "general",
"text": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32283",
"url": "https://www.suse.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "SUSE Bug 1261659 for CVE-2026-32283",
"url": "https://bugzilla.suse.com/1261659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T14:00:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-32283"
},
{
"cve": "CVE-2026-32288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32288"
}
],
"notes": [
{
"category": "general",
"text": "tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the \"old GNU sparse map\" format.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32288",
"url": "https://www.suse.com/security/cve/CVE-2026-32288"
},
{
"category": "external",
"summary": "SUSE Bug 1261660 for CVE-2026-32288",
"url": "https://bugzilla.suse.com/1261660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T14:00:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-32288"
},
{
"cve": "CVE-2026-32289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32289"
}
],
"notes": [
{
"category": "general",
"text": "Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being applied. These issues could cause actions within JS template literals to be incorrectly or improperly escaped, leading to XSS vulnerabilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32289",
"url": "https://www.suse.com/security/cve/CVE-2026-32289"
},
{
"category": "external",
"summary": "SUSE Bug 1261661 for CVE-2026-32289",
"url": "https://bugzilla.suse.com/1261661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T14:00:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-32289"
},
{
"cve": "CVE-2026-33810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33810"
}
],
"notes": [
{
"category": "general",
"text": "When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33810",
"url": "https://www.suse.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "SUSE Bug 1261662 for CVE-2026-33810",
"url": "https://bugzilla.suse.com/1261662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.26-race-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-doc-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-libstd-1.26.2-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.26-race-1.26.2-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-20T14:00:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-33810"
}
]
}
SUSE-SU-2026:1581-1
Vulnerability from csaf_suse - Published: 2026-04-23 16:39 - Updated: 2026-04-23 16:39Summary
Security update for go1.25-openssl
Severity
Important
Notes
Title of the patch: Security update for go1.25-openssl
Description of the patch: This update for go1.25-openssl fixes the following issues:
- Update to go1.25.9 (bsc#1244485).
- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).
- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).
- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).
- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).
- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).
- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).
- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).
- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).
- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).
Patchnames: SUSE-2026-1581,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1581,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1581,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1581,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1581,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1581,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1581,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1581,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1581
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.25-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.25-openssl fixes the following issues:\n\n- Update to go1.25.9 (bsc#1244485).\n- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).\n- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).\n- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).\n- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).\n- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).\n- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).\n- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).\n- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).\n- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1581,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1581,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1581,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1581,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1581,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1581,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1581,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1581,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1581",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1581-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1581-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261581-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1581-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045926.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244485",
"url": "https://bugzilla.suse.com/1244485"
},
{
"category": "self",
"summary": "SUSE Bug 1261653",
"url": "https://bugzilla.suse.com/1261653"
},
{
"category": "self",
"summary": "SUSE Bug 1261654",
"url": "https://bugzilla.suse.com/1261654"
},
{
"category": "self",
"summary": "SUSE Bug 1261655",
"url": "https://bugzilla.suse.com/1261655"
},
{
"category": "self",
"summary": "SUSE Bug 1261656",
"url": "https://bugzilla.suse.com/1261656"
},
{
"category": "self",
"summary": "SUSE Bug 1261657",
"url": "https://bugzilla.suse.com/1261657"
},
{
"category": "self",
"summary": "SUSE Bug 1261658",
"url": "https://bugzilla.suse.com/1261658"
},
{
"category": "self",
"summary": "SUSE Bug 1261659",
"url": "https://bugzilla.suse.com/1261659"
},
{
"category": "self",
"summary": "SUSE Bug 1261660",
"url": "https://bugzilla.suse.com/1261660"
},
{
"category": "self",
"summary": "SUSE Bug 1261661",
"url": "https://bugzilla.suse.com/1261661"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27140 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27143 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32280 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32281 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32282 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32283 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32288 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32289 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32289/"
}
],
"title": "Security update for go1.25-openssl",
"tracking": {
"current_release_date": "2026-04-23T16:39:19Z",
"generator": {
"date": "2026-04-23T16:39:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1581-1",
"initial_release_date": "2026-04-23T16:39:19Z",
"revision_history": [
{
"date": "2026-04-23T16:39:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"product": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"product_id": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"product": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"product_id": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"product": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"product_id": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-openssl-1.25.9-150000.1.21.1.i586",
"product": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.i586",
"product_id": "go1.25-openssl-1.25.9-150000.1.21.1.i586"
}
},
{
"category": "product_version",
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.i586",
"product": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.i586",
"product_id": "go1.25-openssl-doc-1.25.9-150000.1.21.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"product": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"product_id": "go1.25-openssl-1.25.9-150000.1.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"product": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"product_id": "go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"product": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"product_id": "go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"product": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"product_id": "go1.25-openssl-1.25.9-150000.1.21.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"product": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"product_id": "go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"product": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"product_id": "go1.25-openssl-race-1.25.9-150000.1.21.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"product": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"product_id": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"product": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"product_id": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"product": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"product_id": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
},
"product_reference": "go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27140"
}
],
"notes": [
{
"category": "general",
"text": "SWIG file names containing \u0027cgo\u0027 and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27140",
"url": "https://www.suse.com/security/cve/CVE-2026-27140"
},
{
"category": "external",
"summary": "SUSE Bug 1261653 for CVE-2026-27140",
"url": "https://bugzilla.suse.com/1261653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:39:19Z",
"details": "important"
}
],
"title": "CVE-2026-27140"
},
{
"cve": "CVE-2026-27143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27143"
}
],
"notes": [
{
"category": "general",
"text": "Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27143",
"url": "https://www.suse.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "SUSE Bug 1261654 for CVE-2026-27143",
"url": "https://bugzilla.suse.com/1261654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:39:19Z",
"details": "important"
}
],
"title": "CVE-2026-27143"
},
{
"cve": "CVE-2026-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27144"
}
],
"notes": [
{
"category": "general",
"text": "The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27144",
"url": "https://www.suse.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1261655 for CVE-2026-27144",
"url": "https://bugzilla.suse.com/1261655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:39:19Z",
"details": "moderate"
}
],
"title": "CVE-2026-27144"
},
{
"cve": "CVE-2026-32280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32280"
}
],
"notes": [
{
"category": "general",
"text": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32280",
"url": "https://www.suse.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "SUSE Bug 1261656 for CVE-2026-32280",
"url": "https://bugzilla.suse.com/1261656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:39:19Z",
"details": "important"
}
],
"title": "CVE-2026-32280"
},
{
"cve": "CVE-2026-32281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32281"
}
],
"notes": [
{
"category": "general",
"text": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32281",
"url": "https://www.suse.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "SUSE Bug 1261657 for CVE-2026-32281",
"url": "https://bugzilla.suse.com/1261657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:39:19Z",
"details": "moderate"
}
],
"title": "CVE-2026-32281"
},
{
"cve": "CVE-2026-32282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32282"
}
],
"notes": [
{
"category": "general",
"text": "On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32282",
"url": "https://www.suse.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "SUSE Bug 1261658 for CVE-2026-32282",
"url": "https://bugzilla.suse.com/1261658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:39:19Z",
"details": "moderate"
}
],
"title": "CVE-2026-32282"
},
{
"cve": "CVE-2026-32283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32283"
}
],
"notes": [
{
"category": "general",
"text": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32283",
"url": "https://www.suse.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "SUSE Bug 1261659 for CVE-2026-32283",
"url": "https://bugzilla.suse.com/1261659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:39:19Z",
"details": "moderate"
}
],
"title": "CVE-2026-32283"
},
{
"cve": "CVE-2026-32288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32288"
}
],
"notes": [
{
"category": "general",
"text": "tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the \"old GNU sparse map\" format.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32288",
"url": "https://www.suse.com/security/cve/CVE-2026-32288"
},
{
"category": "external",
"summary": "SUSE Bug 1261660 for CVE-2026-32288",
"url": "https://bugzilla.suse.com/1261660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:39:19Z",
"details": "moderate"
}
],
"title": "CVE-2026-32288"
},
{
"cve": "CVE-2026-32289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32289"
}
],
"notes": [
{
"category": "general",
"text": "Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being applied. These issues could cause actions within JS template literals to be incorrectly or improperly escaped, leading to XSS vulnerabilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32289",
"url": "https://www.suse.com/security/cve/CVE-2026-32289"
},
{
"category": "external",
"summary": "SUSE Bug 1261661 for CVE-2026-32289",
"url": "https://bugzilla.suse.com/1261661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-doc-1.25.9-150000.1.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-openssl-race-1.25.9-150000.1.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:39:19Z",
"details": "moderate"
}
],
"title": "CVE-2026-32289"
}
]
}
SUSE-SU-2026:1320-1
Vulnerability from csaf_suse - Published: 2026-04-14 12:39 - Updated: 2026-04-14 12:39Summary
Security update for go1.26
Severity
Important
Notes
Title of the patch: Security update for go1.26
Description of the patch: This update for go1.26 fixes the following issues:
- Update to go1.26.2 (bsc#1255111).
- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).
- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).
- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).
- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).
- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).
- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).
- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).
- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).
- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).
- CVE-2026-33810: crypto/x509: excluded DNS constraints not properly applied to wildcard domains (bsc#1261662).
Patchnames: SUSE-2026-1320,SUSE-SLE-Module-Development-Tools-15-SP7-2026-1320,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1320,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1320,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1320,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1320,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1320,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1320,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1320,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1320,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1320,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1320
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.26",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.26 fixes the following issues:\n\n- Update to go1.26.2 (bsc#1255111).\n- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).\n- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).\n- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).\n- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).\n- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).\n- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).\n- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).\n- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).\n- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).\n- CVE-2026-33810: crypto/x509: excluded DNS constraints not properly applied to wildcard domains (bsc#1261662).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1320,SUSE-SLE-Module-Development-Tools-15-SP7-2026-1320,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1320,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1320,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1320,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1320,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1320,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1320,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1320,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1320,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1320,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1320",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1320-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1320-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261320-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1320-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045527.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255111",
"url": "https://bugzilla.suse.com/1255111"
},
{
"category": "self",
"summary": "SUSE Bug 1261653",
"url": "https://bugzilla.suse.com/1261653"
},
{
"category": "self",
"summary": "SUSE Bug 1261654",
"url": "https://bugzilla.suse.com/1261654"
},
{
"category": "self",
"summary": "SUSE Bug 1261655",
"url": "https://bugzilla.suse.com/1261655"
},
{
"category": "self",
"summary": "SUSE Bug 1261656",
"url": "https://bugzilla.suse.com/1261656"
},
{
"category": "self",
"summary": "SUSE Bug 1261657",
"url": "https://bugzilla.suse.com/1261657"
},
{
"category": "self",
"summary": "SUSE Bug 1261658",
"url": "https://bugzilla.suse.com/1261658"
},
{
"category": "self",
"summary": "SUSE Bug 1261659",
"url": "https://bugzilla.suse.com/1261659"
},
{
"category": "self",
"summary": "SUSE Bug 1261660",
"url": "https://bugzilla.suse.com/1261660"
},
{
"category": "self",
"summary": "SUSE Bug 1261661",
"url": "https://bugzilla.suse.com/1261661"
},
{
"category": "self",
"summary": "SUSE Bug 1261662",
"url": "https://bugzilla.suse.com/1261662"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27140 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27143 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32280 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32281 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32282 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32283 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32288 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32289 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33810 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33810/"
}
],
"title": "Security update for go1.26",
"tracking": {
"current_release_date": "2026-04-14T12:39:43Z",
"generator": {
"date": "2026-04-14T12:39:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1320-1",
"initial_release_date": "2026-04-14T12:39:43Z",
"revision_history": [
{
"date": "2026-04-14T12:39:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.2-150000.1.9.1.aarch64",
"product": {
"name": "go1.26-1.26.2-150000.1.9.1.aarch64",
"product_id": "go1.26-1.26.2-150000.1.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"product": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"product_id": "go1.26-doc-1.26.2-150000.1.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.2-150000.1.9.1.aarch64",
"product": {
"name": "go1.26-race-1.26.2-150000.1.9.1.aarch64",
"product_id": "go1.26-race-1.26.2-150000.1.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.2-150000.1.9.1.i586",
"product": {
"name": "go1.26-1.26.2-150000.1.9.1.i586",
"product_id": "go1.26-1.26.2-150000.1.9.1.i586"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.2-150000.1.9.1.i586",
"product": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.i586",
"product_id": "go1.26-doc-1.26.2-150000.1.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.2-150000.1.9.1.ppc64le",
"product": {
"name": "go1.26-1.26.2-150000.1.9.1.ppc64le",
"product_id": "go1.26-1.26.2-150000.1.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"product": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"product_id": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"product": {
"name": "go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"product_id": "go1.26-race-1.26.2-150000.1.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.2-150000.1.9.1.s390x",
"product": {
"name": "go1.26-1.26.2-150000.1.9.1.s390x",
"product_id": "go1.26-1.26.2-150000.1.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.2-150000.1.9.1.s390x",
"product": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.s390x",
"product_id": "go1.26-doc-1.26.2-150000.1.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.2-150000.1.9.1.s390x",
"product": {
"name": "go1.26-race-1.26.2-150000.1.9.1.s390x",
"product_id": "go1.26-race-1.26.2-150000.1.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.2-150000.1.9.1.x86_64",
"product": {
"name": "go1.26-1.26.2-150000.1.9.1.x86_64",
"product_id": "go1.26-1.26.2-150000.1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"product": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"product_id": "go1.26-doc-1.26.2-150000.1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"product": {
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"product_id": "go1.26-race-1.26.2-150000.1.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.26-race-1.26.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27140"
}
],
"notes": [
{
"category": "general",
"text": "SWIG file names containing \u0027cgo\u0027 and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27140",
"url": "https://www.suse.com/security/cve/CVE-2026-27140"
},
{
"category": "external",
"summary": "SUSE Bug 1261653 for CVE-2026-27140",
"url": "https://bugzilla.suse.com/1261653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:39:43Z",
"details": "important"
}
],
"title": "CVE-2026-27140"
},
{
"cve": "CVE-2026-27143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27143"
}
],
"notes": [
{
"category": "general",
"text": "Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27143",
"url": "https://www.suse.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "SUSE Bug 1261654 for CVE-2026-27143",
"url": "https://bugzilla.suse.com/1261654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:39:43Z",
"details": "important"
}
],
"title": "CVE-2026-27143"
},
{
"cve": "CVE-2026-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27144"
}
],
"notes": [
{
"category": "general",
"text": "The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27144",
"url": "https://www.suse.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1261655 for CVE-2026-27144",
"url": "https://bugzilla.suse.com/1261655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:39:43Z",
"details": "moderate"
}
],
"title": "CVE-2026-27144"
},
{
"cve": "CVE-2026-32280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32280"
}
],
"notes": [
{
"category": "general",
"text": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32280",
"url": "https://www.suse.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "SUSE Bug 1261656 for CVE-2026-32280",
"url": "https://bugzilla.suse.com/1261656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:39:43Z",
"details": "important"
}
],
"title": "CVE-2026-32280"
},
{
"cve": "CVE-2026-32281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32281"
}
],
"notes": [
{
"category": "general",
"text": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32281",
"url": "https://www.suse.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "SUSE Bug 1261657 for CVE-2026-32281",
"url": "https://bugzilla.suse.com/1261657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:39:43Z",
"details": "moderate"
}
],
"title": "CVE-2026-32281"
},
{
"cve": "CVE-2026-32282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32282"
}
],
"notes": [
{
"category": "general",
"text": "On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32282",
"url": "https://www.suse.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "SUSE Bug 1261658 for CVE-2026-32282",
"url": "https://bugzilla.suse.com/1261658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:39:43Z",
"details": "moderate"
}
],
"title": "CVE-2026-32282"
},
{
"cve": "CVE-2026-32283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32283"
}
],
"notes": [
{
"category": "general",
"text": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32283",
"url": "https://www.suse.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "SUSE Bug 1261659 for CVE-2026-32283",
"url": "https://bugzilla.suse.com/1261659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:39:43Z",
"details": "moderate"
}
],
"title": "CVE-2026-32283"
},
{
"cve": "CVE-2026-32288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32288"
}
],
"notes": [
{
"category": "general",
"text": "tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the \"old GNU sparse map\" format.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32288",
"url": "https://www.suse.com/security/cve/CVE-2026-32288"
},
{
"category": "external",
"summary": "SUSE Bug 1261660 for CVE-2026-32288",
"url": "https://bugzilla.suse.com/1261660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:39:43Z",
"details": "moderate"
}
],
"title": "CVE-2026-32288"
},
{
"cve": "CVE-2026-32289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32289"
}
],
"notes": [
{
"category": "general",
"text": "Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being applied. These issues could cause actions within JS template literals to be incorrectly or improperly escaped, leading to XSS vulnerabilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32289",
"url": "https://www.suse.com/security/cve/CVE-2026-32289"
},
{
"category": "external",
"summary": "SUSE Bug 1261661 for CVE-2026-32289",
"url": "https://bugzilla.suse.com/1261661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:39:43Z",
"details": "moderate"
}
],
"title": "CVE-2026-32289"
},
{
"cve": "CVE-2026-33810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33810"
}
],
"notes": [
{
"category": "general",
"text": "When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33810",
"url": "https://www.suse.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "SUSE Bug 1261662 for CVE-2026-33810",
"url": "https://bugzilla.suse.com/1261662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.2-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:39:43Z",
"details": "moderate"
}
],
"title": "CVE-2026-33810"
}
]
}
SUSE-SU-2026:1321-1
Vulnerability from csaf_suse - Published: 2026-04-14 12:40 - Updated: 2026-04-14 12:40Summary
Security update for go1.25
Severity
Important
Notes
Title of the patch: Security update for go1.25
Description of the patch: This update for go1.25 fixes the following issues:
- Update to go1.25.9 (bsc#1244485).
- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).
- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).
- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).
- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).
- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).
- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).
- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).
- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).
- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).
Patchnames: SUSE-2026-1321,SUSE-SLE-Module-Development-Tools-15-SP7-2026-1321,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1321,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1321,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1321,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1321,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1321,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1321,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1321,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1321,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1321,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1321
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.25",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.25 fixes the following issues:\n\n- Update to go1.25.9 (bsc#1244485).\n- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).\n- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).\n- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).\n- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).\n- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).\n- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).\n- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).\n- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).\n- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1321,SUSE-SLE-Module-Development-Tools-15-SP7-2026-1321,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1321,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1321,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1321,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1321,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1321,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1321,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1321,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1321,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1321,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1321",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1321-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1321-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261321-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1321-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045526.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244485",
"url": "https://bugzilla.suse.com/1244485"
},
{
"category": "self",
"summary": "SUSE Bug 1261653",
"url": "https://bugzilla.suse.com/1261653"
},
{
"category": "self",
"summary": "SUSE Bug 1261654",
"url": "https://bugzilla.suse.com/1261654"
},
{
"category": "self",
"summary": "SUSE Bug 1261655",
"url": "https://bugzilla.suse.com/1261655"
},
{
"category": "self",
"summary": "SUSE Bug 1261656",
"url": "https://bugzilla.suse.com/1261656"
},
{
"category": "self",
"summary": "SUSE Bug 1261657",
"url": "https://bugzilla.suse.com/1261657"
},
{
"category": "self",
"summary": "SUSE Bug 1261658",
"url": "https://bugzilla.suse.com/1261658"
},
{
"category": "self",
"summary": "SUSE Bug 1261659",
"url": "https://bugzilla.suse.com/1261659"
},
{
"category": "self",
"summary": "SUSE Bug 1261660",
"url": "https://bugzilla.suse.com/1261660"
},
{
"category": "self",
"summary": "SUSE Bug 1261661",
"url": "https://bugzilla.suse.com/1261661"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27140 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27143 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32280 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32281 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32282 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32283 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32288 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32289 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32289/"
}
],
"title": "Security update for go1.25",
"tracking": {
"current_release_date": "2026-04-14T12:40:53Z",
"generator": {
"date": "2026-04-14T12:40:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1321-1",
"initial_release_date": "2026-04-14T12:40:53Z",
"revision_history": [
{
"date": "2026-04-14T12:40:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-150000.1.35.1.aarch64",
"product": {
"name": "go1.25-1.25.9-150000.1.35.1.aarch64",
"product_id": "go1.25-1.25.9-150000.1.35.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"product": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"product_id": "go1.25-doc-1.25.9-150000.1.35.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.9-150000.1.35.1.aarch64",
"product": {
"name": "go1.25-race-1.25.9-150000.1.35.1.aarch64",
"product_id": "go1.25-race-1.25.9-150000.1.35.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-150000.1.35.1.i586",
"product": {
"name": "go1.25-1.25.9-150000.1.35.1.i586",
"product_id": "go1.25-1.25.9-150000.1.35.1.i586"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-150000.1.35.1.i586",
"product": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.i586",
"product_id": "go1.25-doc-1.25.9-150000.1.35.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-150000.1.35.1.ppc64le",
"product": {
"name": "go1.25-1.25.9-150000.1.35.1.ppc64le",
"product_id": "go1.25-1.25.9-150000.1.35.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"product": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"product_id": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"product": {
"name": "go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"product_id": "go1.25-race-1.25.9-150000.1.35.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-150000.1.35.1.s390x",
"product": {
"name": "go1.25-1.25.9-150000.1.35.1.s390x",
"product_id": "go1.25-1.25.9-150000.1.35.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-150000.1.35.1.s390x",
"product": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.s390x",
"product_id": "go1.25-doc-1.25.9-150000.1.35.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.9-150000.1.35.1.s390x",
"product": {
"name": "go1.25-race-1.25.9-150000.1.35.1.s390x",
"product_id": "go1.25-race-1.25.9-150000.1.35.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-150000.1.35.1.x86_64",
"product": {
"name": "go1.25-1.25.9-150000.1.35.1.x86_64",
"product_id": "go1.25-1.25.9-150000.1.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"product": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"product_id": "go1.25-doc-1.25.9-150000.1.35.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"product": {
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"product_id": "go1.25-race-1.25.9-150000.1.35.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-150000.1.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-150000.1.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27140"
}
],
"notes": [
{
"category": "general",
"text": "SWIG file names containing \u0027cgo\u0027 and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27140",
"url": "https://www.suse.com/security/cve/CVE-2026-27140"
},
{
"category": "external",
"summary": "SUSE Bug 1261653 for CVE-2026-27140",
"url": "https://bugzilla.suse.com/1261653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:40:53Z",
"details": "important"
}
],
"title": "CVE-2026-27140"
},
{
"cve": "CVE-2026-27143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27143"
}
],
"notes": [
{
"category": "general",
"text": "Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27143",
"url": "https://www.suse.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "SUSE Bug 1261654 for CVE-2026-27143",
"url": "https://bugzilla.suse.com/1261654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:40:53Z",
"details": "important"
}
],
"title": "CVE-2026-27143"
},
{
"cve": "CVE-2026-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27144"
}
],
"notes": [
{
"category": "general",
"text": "The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27144",
"url": "https://www.suse.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1261655 for CVE-2026-27144",
"url": "https://bugzilla.suse.com/1261655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:40:53Z",
"details": "moderate"
}
],
"title": "CVE-2026-27144"
},
{
"cve": "CVE-2026-32280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32280"
}
],
"notes": [
{
"category": "general",
"text": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32280",
"url": "https://www.suse.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "SUSE Bug 1261656 for CVE-2026-32280",
"url": "https://bugzilla.suse.com/1261656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:40:53Z",
"details": "important"
}
],
"title": "CVE-2026-32280"
},
{
"cve": "CVE-2026-32281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32281"
}
],
"notes": [
{
"category": "general",
"text": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32281",
"url": "https://www.suse.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "SUSE Bug 1261657 for CVE-2026-32281",
"url": "https://bugzilla.suse.com/1261657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:40:53Z",
"details": "moderate"
}
],
"title": "CVE-2026-32281"
},
{
"cve": "CVE-2026-32282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32282"
}
],
"notes": [
{
"category": "general",
"text": "On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32282",
"url": "https://www.suse.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "SUSE Bug 1261658 for CVE-2026-32282",
"url": "https://bugzilla.suse.com/1261658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:40:53Z",
"details": "moderate"
}
],
"title": "CVE-2026-32282"
},
{
"cve": "CVE-2026-32283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32283"
}
],
"notes": [
{
"category": "general",
"text": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32283",
"url": "https://www.suse.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "SUSE Bug 1261659 for CVE-2026-32283",
"url": "https://bugzilla.suse.com/1261659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:40:53Z",
"details": "moderate"
}
],
"title": "CVE-2026-32283"
},
{
"cve": "CVE-2026-32288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32288"
}
],
"notes": [
{
"category": "general",
"text": "tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the \"old GNU sparse map\" format.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32288",
"url": "https://www.suse.com/security/cve/CVE-2026-32288"
},
{
"category": "external",
"summary": "SUSE Bug 1261660 for CVE-2026-32288",
"url": "https://bugzilla.suse.com/1261660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:40:53Z",
"details": "moderate"
}
],
"title": "CVE-2026-32288"
},
{
"cve": "CVE-2026-32289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32289"
}
],
"notes": [
{
"category": "general",
"text": "Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being applied. These issues could cause actions within JS template literals to be incorrectly or improperly escaped, leading to XSS vulnerabilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32289",
"url": "https://www.suse.com/security/cve/CVE-2026-32289"
},
{
"category": "external",
"summary": "SUSE Bug 1261661 for CVE-2026-32289",
"url": "https://bugzilla.suse.com/1261661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.9-150000.1.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.9-150000.1.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-14T12:40:53Z",
"details": "moderate"
}
],
"title": "CVE-2026-32289"
}
]
}
SUSE-SU-2026:1580-1
Vulnerability from csaf_suse - Published: 2026-04-23 16:38 - Updated: 2026-04-23 16:38Summary
Security update for go1.26-openssl
Severity
Important
Notes
Title of the patch: Security update for go1.26-openssl
Description of the patch: This update for go1.26-openssl fixes the following issues:
- Update to go1.26.2 (bsc#1255111).
- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).
- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).
- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).
- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).
- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).
- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).
- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).
- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).
- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).
- CVE-2026-33810: crypto/x509: excluded DNS constraints not properly applied to wildcard domains (bsc#1261662).
Patchnames: SUSE-2026-1580,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1580,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1580,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1580,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1580,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1580,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1580,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1580,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1580
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.26-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.26-openssl fixes the following issues:\n\n- Update to go1.26.2 (bsc#1255111).\n- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).\n- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).\n- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).\n- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).\n- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).\n- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).\n- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).\n- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).\n- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).\n- CVE-2026-33810: crypto/x509: excluded DNS constraints not properly applied to wildcard domains (bsc#1261662).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1580,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1580,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1580,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1580,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1580,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1580,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1580,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1580,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1580",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1580-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1580-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261580-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1580-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045927.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255111",
"url": "https://bugzilla.suse.com/1255111"
},
{
"category": "self",
"summary": "SUSE Bug 1261653",
"url": "https://bugzilla.suse.com/1261653"
},
{
"category": "self",
"summary": "SUSE Bug 1261654",
"url": "https://bugzilla.suse.com/1261654"
},
{
"category": "self",
"summary": "SUSE Bug 1261655",
"url": "https://bugzilla.suse.com/1261655"
},
{
"category": "self",
"summary": "SUSE Bug 1261656",
"url": "https://bugzilla.suse.com/1261656"
},
{
"category": "self",
"summary": "SUSE Bug 1261657",
"url": "https://bugzilla.suse.com/1261657"
},
{
"category": "self",
"summary": "SUSE Bug 1261658",
"url": "https://bugzilla.suse.com/1261658"
},
{
"category": "self",
"summary": "SUSE Bug 1261659",
"url": "https://bugzilla.suse.com/1261659"
},
{
"category": "self",
"summary": "SUSE Bug 1261660",
"url": "https://bugzilla.suse.com/1261660"
},
{
"category": "self",
"summary": "SUSE Bug 1261661",
"url": "https://bugzilla.suse.com/1261661"
},
{
"category": "self",
"summary": "SUSE Bug 1261662",
"url": "https://bugzilla.suse.com/1261662"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27140 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27143 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32280 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32281 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32282 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32283 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32288 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32289 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33810 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33810/"
}
],
"title": "Security update for go1.26-openssl",
"tracking": {
"current_release_date": "2026-04-23T16:38:35Z",
"generator": {
"date": "2026-04-23T16:38:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1580-1",
"initial_release_date": "2026-04-23T16:38:35Z",
"revision_history": [
{
"date": "2026-04-23T16:38:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"product": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"product_id": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"product": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"product_id": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"product": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"product_id": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-openssl-1.26.2-150000.1.6.1.i586",
"product": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.i586",
"product_id": "go1.26-openssl-1.26.2-150000.1.6.1.i586"
}
},
{
"category": "product_version",
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.i586",
"product": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.i586",
"product_id": "go1.26-openssl-doc-1.26.2-150000.1.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"product": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"product_id": "go1.26-openssl-1.26.2-150000.1.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"product": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"product_id": "go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"product": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"product_id": "go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"product": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"product_id": "go1.26-openssl-1.26.2-150000.1.6.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"product": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"product_id": "go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"product": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"product_id": "go1.26-openssl-race-1.26.2-150000.1.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"product": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"product_id": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"product": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"product_id": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"product": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"product_id": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27140"
}
],
"notes": [
{
"category": "general",
"text": "SWIG file names containing \u0027cgo\u0027 and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27140",
"url": "https://www.suse.com/security/cve/CVE-2026-27140"
},
{
"category": "external",
"summary": "SUSE Bug 1261653 for CVE-2026-27140",
"url": "https://bugzilla.suse.com/1261653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:38:35Z",
"details": "important"
}
],
"title": "CVE-2026-27140"
},
{
"cve": "CVE-2026-27143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27143"
}
],
"notes": [
{
"category": "general",
"text": "Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27143",
"url": "https://www.suse.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "SUSE Bug 1261654 for CVE-2026-27143",
"url": "https://bugzilla.suse.com/1261654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:38:35Z",
"details": "important"
}
],
"title": "CVE-2026-27143"
},
{
"cve": "CVE-2026-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27144"
}
],
"notes": [
{
"category": "general",
"text": "The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27144",
"url": "https://www.suse.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1261655 for CVE-2026-27144",
"url": "https://bugzilla.suse.com/1261655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:38:35Z",
"details": "moderate"
}
],
"title": "CVE-2026-27144"
},
{
"cve": "CVE-2026-32280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32280"
}
],
"notes": [
{
"category": "general",
"text": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32280",
"url": "https://www.suse.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "SUSE Bug 1261656 for CVE-2026-32280",
"url": "https://bugzilla.suse.com/1261656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:38:35Z",
"details": "important"
}
],
"title": "CVE-2026-32280"
},
{
"cve": "CVE-2026-32281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32281"
}
],
"notes": [
{
"category": "general",
"text": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32281",
"url": "https://www.suse.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "SUSE Bug 1261657 for CVE-2026-32281",
"url": "https://bugzilla.suse.com/1261657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:38:35Z",
"details": "moderate"
}
],
"title": "CVE-2026-32281"
},
{
"cve": "CVE-2026-32282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32282"
}
],
"notes": [
{
"category": "general",
"text": "On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32282",
"url": "https://www.suse.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "SUSE Bug 1261658 for CVE-2026-32282",
"url": "https://bugzilla.suse.com/1261658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:38:35Z",
"details": "moderate"
}
],
"title": "CVE-2026-32282"
},
{
"cve": "CVE-2026-32283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32283"
}
],
"notes": [
{
"category": "general",
"text": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32283",
"url": "https://www.suse.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "SUSE Bug 1261659 for CVE-2026-32283",
"url": "https://bugzilla.suse.com/1261659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:38:35Z",
"details": "moderate"
}
],
"title": "CVE-2026-32283"
},
{
"cve": "CVE-2026-32288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32288"
}
],
"notes": [
{
"category": "general",
"text": "tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the \"old GNU sparse map\" format.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32288",
"url": "https://www.suse.com/security/cve/CVE-2026-32288"
},
{
"category": "external",
"summary": "SUSE Bug 1261660 for CVE-2026-32288",
"url": "https://bugzilla.suse.com/1261660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:38:35Z",
"details": "moderate"
}
],
"title": "CVE-2026-32288"
},
{
"cve": "CVE-2026-32289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32289"
}
],
"notes": [
{
"category": "general",
"text": "Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being applied. These issues could cause actions within JS template literals to be incorrectly or improperly escaped, leading to XSS vulnerabilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32289",
"url": "https://www.suse.com/security/cve/CVE-2026-32289"
},
{
"category": "external",
"summary": "SUSE Bug 1261661 for CVE-2026-32289",
"url": "https://bugzilla.suse.com/1261661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:38:35Z",
"details": "moderate"
}
],
"title": "CVE-2026-32289"
},
{
"cve": "CVE-2026-33810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33810"
}
],
"notes": [
{
"category": "general",
"text": "When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33810",
"url": "https://www.suse.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "SUSE Bug 1261662 for CVE-2026-33810",
"url": "https://bugzilla.suse.com/1261662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-doc-1.26.2-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-openssl-race-1.26.2-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T16:38:35Z",
"details": "moderate"
}
],
"title": "CVE-2026-33810"
}
]
}
WID-SEC-W-2026-1006
Vulnerability from csaf_certbund - Published: 2026-04-07 22:00 - Updated: 2026-04-09 22:00Summary
Golang Go: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Go ist eine quelloffene Programmiersprache.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Speicherbeschädigungen zu verursachen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen oder andere, nicht näher spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
References
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Go ist eine quelloffene Programmiersprache.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Speicherbesch\u00e4digungen zu verursachen, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen oder andere, nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1006 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1006.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1006 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1006"
},
{
"category": "external",
"summary": "Go 1.26.2 and Go 1.25.9 releases vom 2026-04-07",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
}
],
"source_lang": "en-US",
"title": "Golang Go: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-04-09T22:00:00.000+00:00",
"generator": {
"date": "2026-04-10T07:05:07.518+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-1006",
"initial_release_date": "2026-04-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-04-09T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: 2456336"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.26.2",
"product": {
"name": "Golang Go \u003c1.26.2",
"product_id": "T052518"
}
},
{
"category": "product_version",
"name": "1.26.2",
"product": {
"name": "Golang Go 1.26.2",
"product_id": "T052518-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.26.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.25.9",
"product": {
"name": "Golang Go \u003c1.25.9",
"product_id": "T052519"
}
},
{
"category": "product_version",
"name": "1.25.9",
"product": {
"name": "Golang Go 1.25.9",
"product_id": "T052519-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.25.9"
}
}
}
],
"category": "product_name",
"name": "Go"
}
],
"category": "vendor",
"name": "Golang"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27140",
"product_status": {
"known_affected": [
"T052519",
"T052518"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-27140"
},
{
"cve": "CVE-2026-27143",
"product_status": {
"known_affected": [
"T052519",
"T052518"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-27143"
},
{
"cve": "CVE-2026-27144",
"product_status": {
"known_affected": [
"T052519",
"T052518"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-27144"
},
{
"cve": "CVE-2026-32280",
"product_status": {
"known_affected": [
"T052519",
"T052518"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-32280"
},
{
"cve": "CVE-2026-32281",
"product_status": {
"known_affected": [
"T052519",
"T052518"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-32281"
},
{
"cve": "CVE-2026-32282",
"product_status": {
"known_affected": [
"T052519",
"T052518"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-32282"
},
{
"cve": "CVE-2026-32283",
"product_status": {
"known_affected": [
"T052519",
"T052518"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-32283"
},
{
"cve": "CVE-2026-32288",
"product_status": {
"known_affected": [
"T052519",
"T052518"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-32288"
},
{
"cve": "CVE-2026-32289",
"product_status": {
"known_affected": [
"T052519",
"T052518"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-32289"
},
{
"cve": "CVE-2026-33810",
"product_status": {
"known_affected": [
"T052519",
"T052518"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-33810"
}
]
}
bit-golang-2026-32283
Vulnerability from bitnami_vulndb
Published
2026-04-13 05:43
Modified
2026-04-17 00:10
Summary
Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls
Details
If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "golang",
"purl": "pkg:bitnami/golang"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.25.9"
},
{
"introduced": "1.26.0-0"
},
{
"fixed": "1.26.2"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2026-32283"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*"
],
"severity": "High"
},
"details": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.",
"id": "BIT-golang-2026-32283",
"modified": "2026-04-17T00:10:47.507Z",
"published": "2026-04-13T05:43:44.464Z",
"references": [
{
"type": "WEB",
"url": "https://go.dev/cl/763767"
},
{
"type": "WEB",
"url": "https://go.dev/issue/78334"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"schema_version": "1.6.2",
"summary": "Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls"
}
OPENSUSE-SU-2026:10514-1
Vulnerability from csaf_opensuse - Published: 2026-04-09 00:00 - Updated: 2026-04-09 00:00Summary
go1.25-1.25.9-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: go1.25-1.25.9-1.1 on GA media
Description of the patch: These are all security issues fixed in the go1.25-1.25.9-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10514
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.25-1.25.9-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.25-1.25.9-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10514",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10514-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27140 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27143 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27144 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32280 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32281 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32282 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32283 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32288 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32289 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32289/"
}
],
"title": "go1.25-1.25.9-1.1 on GA media",
"tracking": {
"current_release_date": "2026-04-09T00:00:00Z",
"generator": {
"date": "2026-04-09T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10514-1",
"initial_release_date": "2026-04-09T00:00:00Z",
"revision_history": [
{
"date": "2026-04-09T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-1.1.aarch64",
"product": {
"name": "go1.25-1.25.9-1.1.aarch64",
"product_id": "go1.25-1.25.9-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-1.1.aarch64",
"product": {
"name": "go1.25-doc-1.25.9-1.1.aarch64",
"product_id": "go1.25-doc-1.25.9-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.9-1.1.aarch64",
"product": {
"name": "go1.25-libstd-1.25.9-1.1.aarch64",
"product_id": "go1.25-libstd-1.25.9-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.9-1.1.aarch64",
"product": {
"name": "go1.25-race-1.25.9-1.1.aarch64",
"product_id": "go1.25-race-1.25.9-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-1.1.ppc64le",
"product": {
"name": "go1.25-1.25.9-1.1.ppc64le",
"product_id": "go1.25-1.25.9-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-1.1.ppc64le",
"product": {
"name": "go1.25-doc-1.25.9-1.1.ppc64le",
"product_id": "go1.25-doc-1.25.9-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.9-1.1.ppc64le",
"product": {
"name": "go1.25-libstd-1.25.9-1.1.ppc64le",
"product_id": "go1.25-libstd-1.25.9-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.9-1.1.ppc64le",
"product": {
"name": "go1.25-race-1.25.9-1.1.ppc64le",
"product_id": "go1.25-race-1.25.9-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-1.1.s390x",
"product": {
"name": "go1.25-1.25.9-1.1.s390x",
"product_id": "go1.25-1.25.9-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-1.1.s390x",
"product": {
"name": "go1.25-doc-1.25.9-1.1.s390x",
"product_id": "go1.25-doc-1.25.9-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.9-1.1.s390x",
"product": {
"name": "go1.25-libstd-1.25.9-1.1.s390x",
"product_id": "go1.25-libstd-1.25.9-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.9-1.1.s390x",
"product": {
"name": "go1.25-race-1.25.9-1.1.s390x",
"product_id": "go1.25-race-1.25.9-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.9-1.1.x86_64",
"product": {
"name": "go1.25-1.25.9-1.1.x86_64",
"product_id": "go1.25-1.25.9-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.9-1.1.x86_64",
"product": {
"name": "go1.25-doc-1.25.9-1.1.x86_64",
"product_id": "go1.25-doc-1.25.9-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.9-1.1.x86_64",
"product": {
"name": "go1.25-libstd-1.25.9-1.1.x86_64",
"product_id": "go1.25-libstd-1.25.9-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.9-1.1.x86_64",
"product": {
"name": "go1.25-race-1.25.9-1.1.x86_64",
"product_id": "go1.25-race-1.25.9-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64"
},
"product_reference": "go1.25-1.25.9-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le"
},
"product_reference": "go1.25-1.25.9-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x"
},
"product_reference": "go1.25-1.25.9-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.9-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64"
},
"product_reference": "go1.25-1.25.9-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.9-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.9-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x"
},
"product_reference": "go1.25-doc-1.25.9-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.9-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.9-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.9-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64"
},
"product_reference": "go1.25-libstd-1.25.9-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.9-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le"
},
"product_reference": "go1.25-libstd-1.25.9-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.9-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x"
},
"product_reference": "go1.25-libstd-1.25.9-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.9-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64"
},
"product_reference": "go1.25-libstd-1.25.9-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64"
},
"product_reference": "go1.25-race-1.25.9-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.9-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x"
},
"product_reference": "go1.25-race-1.25.9-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.9-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
},
"product_reference": "go1.25-race-1.25.9-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27140"
}
],
"notes": [
{
"category": "general",
"text": "SWIG file names containing \u0027cgo\u0027 and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27140",
"url": "https://www.suse.com/security/cve/CVE-2026-27140"
},
{
"category": "external",
"summary": "SUSE Bug 1261653 for CVE-2026-27140",
"url": "https://bugzilla.suse.com/1261653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-27140"
},
{
"cve": "CVE-2026-27143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27143"
}
],
"notes": [
{
"category": "general",
"text": "Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27143",
"url": "https://www.suse.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "SUSE Bug 1261654 for CVE-2026-27143",
"url": "https://bugzilla.suse.com/1261654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-27143"
},
{
"cve": "CVE-2026-27144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27144"
}
],
"notes": [
{
"category": "general",
"text": "The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27144",
"url": "https://www.suse.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "SUSE Bug 1261655 for CVE-2026-27144",
"url": "https://bugzilla.suse.com/1261655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-27144"
},
{
"cve": "CVE-2026-32280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32280"
}
],
"notes": [
{
"category": "general",
"text": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32280",
"url": "https://www.suse.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "SUSE Bug 1261656 for CVE-2026-32280",
"url": "https://bugzilla.suse.com/1261656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-32280"
},
{
"cve": "CVE-2026-32281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32281"
}
],
"notes": [
{
"category": "general",
"text": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32281",
"url": "https://www.suse.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "SUSE Bug 1261657 for CVE-2026-32281",
"url": "https://bugzilla.suse.com/1261657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-32281"
},
{
"cve": "CVE-2026-32282",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32282"
}
],
"notes": [
{
"category": "general",
"text": "On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32282",
"url": "https://www.suse.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "SUSE Bug 1261658 for CVE-2026-32282",
"url": "https://bugzilla.suse.com/1261658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-32282"
},
{
"cve": "CVE-2026-32283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32283"
}
],
"notes": [
{
"category": "general",
"text": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32283",
"url": "https://www.suse.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "SUSE Bug 1261659 for CVE-2026-32283",
"url": "https://bugzilla.suse.com/1261659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-32283"
},
{
"cve": "CVE-2026-32288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32288"
}
],
"notes": [
{
"category": "general",
"text": "tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the \"old GNU sparse map\" format.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32288",
"url": "https://www.suse.com/security/cve/CVE-2026-32288"
},
{
"category": "external",
"summary": "SUSE Bug 1261660 for CVE-2026-32288",
"url": "https://bugzilla.suse.com/1261660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-32288"
},
{
"cve": "CVE-2026-32289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32289"
}
],
"notes": [
{
"category": "general",
"text": "Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being applied. These issues could cause actions within JS template literals to be incorrectly or improperly escaped, leading to XSS vulnerabilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32289",
"url": "https://www.suse.com/security/cve/CVE-2026-32289"
},
{
"category": "external",
"summary": "SUSE Bug 1261661 for CVE-2026-32289",
"url": "https://bugzilla.suse.com/1261661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.9-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-09T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-32289"
}
]
}
FKIE_CVE-2026-32283
Vulnerability from fkie_nvd - Published: 2026-04-08 02:16 - Updated: 2026-04-16 19:12
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.
References
| URL | Tags | ||
|---|---|---|---|
| security@golang.org | https://go.dev/cl/763767 | Patch | |
| security@golang.org | https://go.dev/issue/78334 | Issue Tracking | |
| security@golang.org | https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU | Release Notes, Mailing List | |
| security@golang.org | https://pkg.go.dev/vuln/GO-2026-4870 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C9C072-9817-402D-877F-F83584B07017",
"versionEndExcluding": "1.25.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39FE9BAF-55E9-43AA-B14E-239E7EF1D65D",
"versionEndExcluding": "1.26.2",
"versionStartIncluding": "1.26.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3."
}
],
"id": "CVE-2026-32283",
"lastModified": "2026-04-16T19:12:10.540",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2026-04-08T02:16:03.580",
"references": [
{
"source": "security@golang.org",
"tags": [
"Patch"
],
"url": "https://go.dev/cl/763767"
},
{
"source": "security@golang.org",
"tags": [
"Issue Tracking"
],
"url": "https://go.dev/issue/78334"
},
{
"source": "security@golang.org",
"tags": [
"Release Notes",
"Mailing List"
],
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"source": "security@golang.org",
"tags": [
"Vendor Advisory"
],
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"sourceIdentifier": "security@golang.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2026-AVI-0540
Vulnerability from certfr_avis - Published: 2026-05-06 - Updated: 2026-05-06
De multiples vulnérabilités ont été découvertes dans VMware Tanzu Gemfire. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Gemfire | Tanzu GemFire Management Console versions antérieures à 1.4.4 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu GemFire Management Console versions ant\u00e9rieures \u00e0 1.4.4",
"product": {
"name": "Tanzu Gemfire",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-32288",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32288"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"name": "CVE-2026-32285",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32285"
},
{
"name": "CVE-2026-39883",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39883"
},
{
"name": "CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"name": "CVE-2026-34040",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34040"
},
{
"name": "CVE-2026-32289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32289"
},
{
"name": "CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"name": "CVE-2026-23949",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23949"
},
{
"name": "CVE-2026-27140",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27140"
},
{
"name": "CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"name": "CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"name": "CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
}
],
"initial_release_date": "2026-05-06T00:00:00",
"last_revision_date": "2026-05-06T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0540",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu Gemfire. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu Gemfire",
"vendor_advisories": [
{
"published_at": "2026-05-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37439",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37439"
}
]
}
CERTFR-2026-AVI-0498
Vulnerability from certfr_avis - Published: 2026-04-27 - Updated: 2026-04-27
De multiples vulnérabilités ont été découvertes dans Zabbix Agent2. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Zabbix agent2 versions 7.4.8 et 7.4.9 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "Agent",
"vendor": {
"name": "Zabbix",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-61730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
},
{
"name": "CVE-2026-32288",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32288"
},
{
"name": "CVE-2025-61731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
},
{
"name": "CVE-2026-27143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27143"
},
{
"name": "CVE-2026-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27144"
},
{
"name": "CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"name": "CVE-2026-27142",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27142"
},
{
"name": "CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"name": "CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"name": "CVE-2026-32289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32289"
},
{
"name": "CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"name": "CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"name": "CVE-2026-27140",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27140"
},
{
"name": "CVE-2026-27139",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27139"
},
{
"name": "CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"name": "CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"name": "CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
}
],
"initial_release_date": "2026-04-27T00:00:00",
"last_revision_date": "2026-04-27T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0498",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Zabbix Agent2. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Zabbix Agent2",
"vendor_advisories": [
{
"published_at": "2026-04-24",
"title": "Bulletin de s\u00e9curit\u00e9 Zabbix ZBX-27738",
"url": "https://support.zabbix.com/browse/ZBX-27738"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…