Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-4673 (GCVE-0-2025-4673)
Vulnerability from cvelistv5
Published
2025-06-11 16:42
Modified
2025-06-11 17:59
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | net/http |
Version: 0 ≤ Version: 1.24.0-0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-4673",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-11T17:59:02.225500Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T17:59:48.033Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/http",
"product": "net/http",
"programRoutines": [
{
"name": "Client.makeHeadersCopier"
},
{
"name": "Client.Do"
},
{
"name": "Client.Get"
},
{
"name": "Client.Head"
},
{
"name": "Client.Post"
},
{
"name": "Client.PostForm"
},
{
"name": "Get"
},
{
"name": "Head"
},
{
"name": "Post"
},
{
"name": "PostForm"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.23.10",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.24.4",
"status": "affected",
"version": "1.24.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-201: Insertion of Sensitive Information Into Sent Data",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T16:42:53.054Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/679257"
},
{
"url": "https://go.dev/issue/73816"
},
{
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-3751"
}
],
"title": "Sensitive headers not cleared on cross-origin redirect in net/http"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-4673",
"datePublished": "2025-06-11T16:42:53.054Z",
"dateReserved": "2025-05-13T23:30:53.327Z",
"dateUpdated": "2025-06-11T17:59:48.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-4673\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-06-11T17:15:42.993\",\"lastModified\":\"2025-06-12T16:06:20.180\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.\"},{\"lang\":\"es\",\"value\":\"Los encabezados Proxy-Authorization y Proxy-Authenticate persistieron en redirecciones de origen cruzado, lo que potencialmente filtr\u00f3 informaci\u00f3n confidencial.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":4.0}]},\"references\":[{\"url\":\"https://go.dev/cl/679257\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/73816\",\"source\":\"security@golang.org\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-3751\",\"source\":\"security@golang.org\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-4673\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-11T17:59:02.225500Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-11T17:59:18.551Z\"}}], \"cna\": {\"title\": \"Sensitive headers not cleared on cross-origin redirect in net/http\", \"credits\": [{\"lang\": \"en\", \"value\": \"Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.)\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"net/http\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.23.10\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.24.0-0\", \"lessThan\": \"1.24.4\", \"versionType\": \"semver\"}], \"packageName\": \"net/http\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Client.makeHeadersCopier\"}, {\"name\": \"Client.Do\"}, {\"name\": \"Client.Get\"}, {\"name\": \"Client.Head\"}, {\"name\": \"Client.Post\"}, {\"name\": \"Client.PostForm\"}, {\"name\": \"Get\"}, {\"name\": \"Head\"}, {\"name\": \"Post\"}, {\"name\": \"PostForm\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/679257\"}, {\"url\": \"https://go.dev/issue/73816\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2025-3751\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-201: Insertion of Sensitive Information Into Sent Data\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2025-06-11T16:42:53.054Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-4673\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-11T17:59:48.033Z\", \"dateReserved\": \"2025-05-13T23:30:53.327Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2025-06-11T16:42:53.054Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
rhsa-2025:10823
Vulnerability from csaf_redhat
Published
2025-07-10 17:57
Modified
2025-09-11 15:33
Summary
Red Hat Security Advisory: Red Hat build of Tempo 3.6.1 release
Notes
Topic
Red Hat build of Tempo 3.6.1 has been released
Details
This release of the Red Hat build of Tempo provides a CVE fix.
Breaking changes:
* Nothing
Deprecations:
* Nothing
Technology Preview features:
* Nothing
Enhancements:
* Nothing
Bug fixes:
* Nothing
Known issues:
* Nothing
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of Tempo 3.6.1 has been released",
"title": "Topic"
},
{
"category": "general",
"text": "This release of the Red Hat build of Tempo provides a CVE fix.\n\n Breaking changes:\n\n * Nothing\n\n Deprecations:\n\n * Nothing\n \n Technology Preview features:\n\n * Nothing\n \n Enhancements:\n\n * Nothing\n\n Bug fixes:\n\n * Nothing\n \n Known issues:\n\n * Nothing",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10823",
"url": "https://access.redhat.com/errata/RHSA-2025:10823"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4673",
"url": "https://access.redhat.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6020",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/distributed_tracing/distributed-tracing-platform-tempo",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/distributed_tracing/distributed-tracing-platform-tempo"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10823.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Tempo 3.6.1 release",
"tracking": {
"current_release_date": "2025-09-11T15:33:38+00:00",
"generator": {
"date": "2025-09-11T15:33:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.7"
}
},
"id": "RHSA-2025:10823",
"initial_release_date": "2025-07-10T17:57:25+00:00",
"revision_history": [
{
"date": "2025-07-10T17:57:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-10T17:57:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-11T15:33:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift distributed tracing 3.6.1",
"product": {
"name": "Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift distributed tracing"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-operator-bundle@sha256%3A85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752120292"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256%3Ae8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070873"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel8@sha256%3Ab9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1751993590"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256%3A34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070865"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256%3Acbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256%3Ac34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070827"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256%3A64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070833"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256%3Ab1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070873"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel8@sha256%3A2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1751993590"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256%3Ab195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070865"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256%3Ad0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256%3A8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070827"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256%3A1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070833"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256%3A3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070873"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel8@sha256%3Afaad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1751993590"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256%3A3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070865"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256%3A54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256%3Ae5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070827"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256%3A3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070833"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256%3Acd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070873"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel8@sha256%3Ad1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1751993590"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256%3Af370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070865"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256%3Ae0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256%3Afb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070827"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256%3A9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752070833"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4673",
"discovery_date": "2025-06-18T06:34:57.662025+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373305"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The issue is rated as Moderate because while it can lead to a significant compromise of confidentiality, the attack complexity is high. Successful exploitation requires a specific set of circumstances, including the use of a proxy that relies on these headers for authentication and a user being enticed to interact with a malicious URL. The vulnerability does not allow for arbitrary code execution or a direct compromise of system integrity or availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "RHBZ#2373305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"category": "external",
"summary": "https://go.dev/cl/679257",
"url": "https://go.dev/cl/679257"
},
{
"category": "external",
"summary": "https://go.dev/issue/73816",
"url": "https://go.dev/issue/73816"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3751",
"url": "https://pkg.go.dev/vuln/GO-2025-3751"
}
],
"release_date": "2025-06-11T16:42:53.054000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-10T17:57:25+00:00",
"details": "For details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10823"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http"
},
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-10T17:57:25+00:00",
"details": "For details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10823"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:34851d4dd94a887b27d0937a1238d09ac370b4ec06382fe880796dac86c4aa3e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:3e188c2073ae9099a3057c55d9366b6d1ec290b0016afa85f632c00cc4b778fa_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:b195c1dd6a6efeff33aaa32e006d0e9da56e638c13fea0383af1cb9c954d543c_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:f370f7f76c96e27bd5cd93b993d850c8ce5123a2dc1a03955596db5eee88d411_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:3d281c9d7fe151c35605aac57a95fec699d20ecea6f4a5ea5b8cdc26a8808695_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b1995ead9af6e923bd55ebdbed4c371b7f8bb58c46d6a36e9a25f9296f09a3f4_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:cd011375e307f5cef74d4819f37567f6291259eb1d2795f0cf4b8cb8a90004e0_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:e8f3e4113f56564a287bad34721440b00ef600fb99f0dc454dd9c9581e57e696_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:2a37885dbd9735167854119a546f9ce1b37454a2b57d283fbd8da890c01db767_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:b9af5a1af9342d62f300d970c0894b483eaaa4082ea9903d99e7267637b68f59_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:d1425fca630adab3f66b30eaf47010c2da892e2d635a721c493c1751f98f69b3_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:faad36621dda484f7883da35873b9f288f6c7a1332815bc857531de032c38068_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:85feb99b001b571ca08d88c1a7eb10cdf02c71d951a240098f39066fe99203df_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:8f2da1e0fc45a36cffbe91f9a1c4449eb0c71671865b7194951ad727c9f7b064_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:c34a7574e3c6af4c82bee38e581d047613f8931c12d89924764f46b565bf3117_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:e5302b8da7585229e8c123fa3a84720e46bca9abd76acfc31ae0273f3fd4f800_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:fb1e2c0ad417d391d2fe055e68e9aadd5b24b2c99f3fe5895750579e537fdc7d_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:54c5403a8a9e0300233e75a04318013e9dbe3d894be691927d27dc2fe53fddc0_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:cbfcac41c1bd3a06e874433089e231dfd2a944dee139906d9949e2d68b71cfc3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:d0783f1725e2452c74dd687ac3238634851b9e587cd5c1134e790a43cdd7cad5_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:e0319f6e008b9acca2b111406b25238d1e75ca95b18b09365886a617d2a38882_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:1feaee0df48953c919df3ceb2dde3aa10345e69c0b1a7186a8a0fd6ab9b300f6_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:3a3719e3683051967d548de708e178640f848933c99efc3955ca915a46bcb675_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:64a3f8700431671b0bf37a5e6963a2fcf0fac77a10d56854f8649b0eb407cbb3_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:9eaae087bccf2cedfea26d1c0235cfbbe227f9b8f1eda67dc0b33441e319eb85_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:10735
Vulnerability from csaf_redhat
Published
2025-07-09 14:31
Modified
2025-09-11 15:33
Summary
Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.6.1 release
Notes
Topic
Red Hat build of OpenTelemetry 3.6.1 has been released
Details
This release of the Red Hat build of OpenTelemetry provides a CVE fix.
Breaking changes:
* Nothing
Deprecations:
* Nothing
Technology Preview features:
* Nothing
Enhancements:
* Nothing
Bug fixes:
* Nothing
Known issues:
* Nothing
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of OpenTelemetry 3.6.1 has been released",
"title": "Topic"
},
{
"category": "general",
"text": "This release of the Red Hat build of OpenTelemetry provides a CVE fix.\n\nBreaking changes:\n* Nothing\n\nDeprecations:\n* Nothing\n\nTechnology Preview features:\n* Nothing\n\nEnhancements:\n* Nothing\n\nBug fixes:\n* Nothing\n\nKnown issues:\n* Nothing",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10735",
"url": "https://access.redhat.com/errata/RHSA-2025:10735"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4673",
"url": "https://access.redhat.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6020",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/red_hat_build_of_opentelemetry",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/red_hat_build_of_opentelemetry"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10735.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.6.1 release",
"tracking": {
"current_release_date": "2025-09-11T15:33:37+00:00",
"generator": {
"date": "2025-09-11T15:33:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.7"
}
},
"id": "RHSA-2025:10735",
"initial_release_date": "2025-07-09T14:31:36+00:00",
"revision_history": [
{
"date": "2025-07-09T14:31:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-09T14:31:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-11T15:33:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift distributed tracing 3.6.1",
"product": {
"name": "Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift distributed tracing"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-operator-bundle@sha256%3A4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752053203"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256%3A93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046452"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256%3Ac18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046437"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-target-allocator-rhel8@sha256%3A46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046439"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256%3A77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046452"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256%3A643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046437"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-target-allocator-rhel8@sha256%3Af49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046439"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256%3A40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046452"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256%3A39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046437"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-target-allocator-rhel8@sha256%3A18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046439"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256%3A1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046452"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256%3A5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046437"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"product_id": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-target-allocator-rhel8@sha256%3A281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.6-1752046439"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64 as a component of Red Hat OpenShift distributed tracing 3.6.1",
"product_id": "Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4673",
"discovery_date": "2025-06-18T06:34:57.662025+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373305"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The issue is rated as Moderate because while it can lead to a significant compromise of confidentiality, the attack complexity is high. Successful exploitation requires a specific set of circumstances, including the use of a proxy that relies on these headers for authentication and a user being enticed to interact with a malicious URL. The vulnerability does not allow for arbitrary code execution or a direct compromise of system integrity or availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "RHBZ#2373305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"category": "external",
"summary": "https://go.dev/cl/679257",
"url": "https://go.dev/cl/679257"
},
{
"category": "external",
"summary": "https://go.dev/issue/73816",
"url": "https://go.dev/issue/73816"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3751",
"url": "https://pkg.go.dev/vuln/GO-2025-3751"
}
],
"release_date": "2025-06-11T16:42:53.054000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T14:31:36+00:00",
"details": "For details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10735"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http"
},
{
"acknowledgments": [
{
"names": [
"Olivier BAL-PETRE"
],
"organization": "ANSSI - French Cybersecurity Agency"
}
],
"cve": "CVE-2025-6020",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T16:33:01.214000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "linux-pam: Linux-pam directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in pam_namespace marked as Important rather than Moderate due to its direct impact on privilege boundaries and the ease of exploitation in common configurations. By leveraging symlink attacks or race conditions in polyinstantiated directories under their control, unprivileged local users can escalate to root, compromising the entire system. Since pam_namespace is often used in multi-user environments (e.g., shared systems, terminal servers, containers), a misconfigured or partially protected setup becomes a single point of failure. The attack does not require special capabilities or kernel-level exploits\u2014just timing and control over certain paths\u2014making it both reliable and low-barrier. Moreover, privilege escalation flaws like this can be chained with other vulnerabilities to persist or evade detection, further amplifying the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6020"
},
{
"category": "external",
"summary": "RHBZ#2372512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6020"
}
],
"release_date": "2025-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T14:31:36+00:00",
"details": "For details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10735"
},
{
"category": "workaround",
"details": "Disable the `pam_namespace` module if it is not essential for your environment, or carefully review and configure it to avoid operating on any directories or paths that can be influenced or controlled by unprivileged users, such as user home directories or world-writable locations like `/tmp`.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:1faa5daf085b0844740653d96711b3fcfa766a77224fb523335d877b8e314b57_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:40535c017d2730645c57c44b32b4df1613585cc19c052fe472ccbf543a659c42_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:77dc762cbd33d65add35e10c141b1c5c7c3245dfee3e4d977be7ceeabeee7831_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:93a3f6c10968431079bf0b637b029406d6a0bdc9521f3a02b062af7a3539995e_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:4fb2fb1cda1b02adbd8e9ecb34a05e76aa45159d81244209cbb3c2013418bd17_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:39378c1e705973edca5f52f422b5c3693aaf5d2f22fb320d7676086b2cf846ba_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:5bb83d0b9387f51291c3977d37aab8a19e978a7dccf3d72cae0dabb66bd26df4_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:643b9297fe6bf515d142ad8c857d279aa47854aecd0c9cdb90061185ac78987a_arm64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c18d414518b1eaed33a17a13f6c0273ab14405dd9569c169e6839026330e0895_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:18ca3c44f6f25cbfe67842a0b2c9491a8247a64dbd166f188dccf0a84cfd3e67_ppc64le",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:281913677308b5a7f0f834161ca1c1cf22e2686616f60057ac8ae61627f66861_s390x",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:46090c79b193de2028b4c994d3013fec7102f3b10673ecd09b017be4de7bf9f6_amd64",
"Red Hat OpenShift distributed tracing 3.6.1:registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:f49a121a3d0ec81f510680cd47c552f82c48889f28d3f14037c582636085410a_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "linux-pam: Linux-pam directory Traversal"
}
]
}
rhsa-2025:15406
Vulnerability from csaf_redhat
Published
2025-09-08 01:27
Modified
2025-09-10 15:35
Summary
Red Hat Security Advisory: opentelemetry-collector security update
Notes
Topic
An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Collector with the supported components for a Red Hat build of OpenTelemetry
Security Fix(es):
* net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Collector with the supported components for a Red Hat build of OpenTelemetry\n\nSecurity Fix(es):\n\n* net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15406",
"url": "https://access.redhat.com/errata/RHSA-2025:15406"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2373305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15406.json"
}
],
"title": "Red Hat Security Advisory: opentelemetry-collector security update",
"tracking": {
"current_release_date": "2025-09-10T15:35:28+00:00",
"generator": {
"date": "2025-09-10T15:35:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.7"
}
},
"id": "RHSA-2025:15406",
"initial_release_date": "2025-09-08T01:27:06+00:00",
"revision_history": [
{
"date": "2025-09-08T01:27:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-09-08T01:27:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-10T15:35:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.src",
"product": {
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.src",
"product_id": "opentelemetry-collector-0:0.127.0-2.el9_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opentelemetry-collector@0.127.0-2.el9_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.aarch64",
"product": {
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.aarch64",
"product_id": "opentelemetry-collector-0:0.127.0-2.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opentelemetry-collector@0.127.0-2.el9_4?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.ppc64le",
"product": {
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.ppc64le",
"product_id": "opentelemetry-collector-0:0.127.0-2.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opentelemetry-collector@0.127.0-2.el9_4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.x86_64",
"product": {
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.x86_64",
"product_id": "opentelemetry-collector-0:0.127.0-2.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opentelemetry-collector@0.127.0-2.el9_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.s390x",
"product": {
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.s390x",
"product_id": "opentelemetry-collector-0:0.127.0-2.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opentelemetry-collector@0.127.0-2.el9_4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.aarch64"
},
"product_reference": "opentelemetry-collector-0:0.127.0-2.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.ppc64le"
},
"product_reference": "opentelemetry-collector-0:0.127.0-2.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.s390x"
},
"product_reference": "opentelemetry-collector-0:0.127.0-2.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.src"
},
"product_reference": "opentelemetry-collector-0:0.127.0-2.el9_4.src",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opentelemetry-collector-0:0.127.0-2.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.x86_64"
},
"product_reference": "opentelemetry-collector-0:0.127.0-2.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4673",
"discovery_date": "2025-06-18T06:34:57.662025+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373305"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The issue is rated as Moderate because while it can lead to a significant compromise of confidentiality, the attack complexity is high. Successful exploitation requires a specific set of circumstances, including the use of a proxy that relies on these headers for authentication and a user being enticed to interact with a malicious URL. The vulnerability does not allow for arbitrary code execution or a direct compromise of system integrity or availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.src",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "RHBZ#2373305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"category": "external",
"summary": "https://go.dev/cl/679257",
"url": "https://go.dev/cl/679257"
},
{
"category": "external",
"summary": "https://go.dev/issue/73816",
"url": "https://go.dev/issue/73816"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3751",
"url": "https://pkg.go.dev/vuln/GO-2025-3751"
}
],
"release_date": "2025-06-11T16:42:53.054000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-08T01:27:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.src",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15406"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.src",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.src",
"AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.127.0-2.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http"
}
]
}
rhsa-2025:10676
Vulnerability from csaf_redhat
Published
2025-07-09 00:58
Modified
2025-09-10 15:31
Summary
Red Hat Security Advisory: golang security update
Notes
Topic
An update for golang is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The golang packages provide the Go programming language compiler.
Security Fix(es):
* net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10676",
"url": "https://access.redhat.com/errata/RHSA-2025:10676"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2373305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10676.json"
}
],
"title": "Red Hat Security Advisory: golang security update",
"tracking": {
"current_release_date": "2025-09-10T15:31:55+00:00",
"generator": {
"date": "2025-09-10T15:31:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.7"
}
},
"id": "RHSA-2025:10676",
"initial_release_date": "2025-07-09T00:58:06+00:00",
"revision_history": [
{
"date": "2025-07-09T00:58:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-09T00:58:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-10T15:31:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.4-1.el9_6.aarch64",
"product": {
"name": "go-toolset-0:1.24.4-1.el9_6.aarch64",
"product_id": "go-toolset-0:1.24.4-1.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.4-1.el9_6.aarch64",
"product": {
"name": "golang-0:1.24.4-1.el9_6.aarch64",
"product_id": "golang-0:1.24.4-1.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.4-1.el9_6.aarch64",
"product": {
"name": "golang-bin-0:1.24.4-1.el9_6.aarch64",
"product_id": "golang-bin-0:1.24.4-1.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.4-1.el9_6.aarch64",
"product": {
"name": "golang-race-0:1.24.4-1.el9_6.aarch64",
"product_id": "golang-race-0:1.24.4-1.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el9_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.4-1.el9_6.ppc64le",
"product": {
"name": "go-toolset-0:1.24.4-1.el9_6.ppc64le",
"product_id": "go-toolset-0:1.24.4-1.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.4-1.el9_6.ppc64le",
"product": {
"name": "golang-0:1.24.4-1.el9_6.ppc64le",
"product_id": "golang-0:1.24.4-1.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.4-1.el9_6.ppc64le",
"product": {
"name": "golang-bin-0:1.24.4-1.el9_6.ppc64le",
"product_id": "golang-bin-0:1.24.4-1.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.4-1.el9_6.ppc64le",
"product": {
"name": "golang-race-0:1.24.4-1.el9_6.ppc64le",
"product_id": "golang-race-0:1.24.4-1.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el9_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.4-1.el9_6.x86_64",
"product": {
"name": "go-toolset-0:1.24.4-1.el9_6.x86_64",
"product_id": "go-toolset-0:1.24.4-1.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.4-1.el9_6.x86_64",
"product": {
"name": "golang-0:1.24.4-1.el9_6.x86_64",
"product_id": "golang-0:1.24.4-1.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.4-1.el9_6.x86_64",
"product": {
"name": "golang-bin-0:1.24.4-1.el9_6.x86_64",
"product_id": "golang-bin-0:1.24.4-1.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.4-1.el9_6.x86_64",
"product": {
"name": "golang-race-0:1.24.4-1.el9_6.x86_64",
"product_id": "golang-race-0:1.24.4-1.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el9_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.4-1.el9_6.s390x",
"product": {
"name": "go-toolset-0:1.24.4-1.el9_6.s390x",
"product_id": "go-toolset-0:1.24.4-1.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.4-1.el9_6.s390x",
"product": {
"name": "golang-0:1.24.4-1.el9_6.s390x",
"product_id": "golang-0:1.24.4-1.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.4-1.el9_6.s390x",
"product": {
"name": "golang-bin-0:1.24.4-1.el9_6.s390x",
"product_id": "golang-bin-0:1.24.4-1.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.4-1.el9_6.s390x",
"product": {
"name": "golang-race-0:1.24.4-1.el9_6.s390x",
"product_id": "golang-race-0:1.24.4-1.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el9_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.24.4-1.el9_6.src",
"product": {
"name": "golang-0:1.24.4-1.el9_6.src",
"product_id": "golang-0:1.24.4-1.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.el9_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.24.4-1.el9_6.noarch",
"product": {
"name": "golang-docs-0:1.24.4-1.el9_6.noarch",
"product_id": "golang-docs-0:1.24.4-1.el9_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.24.4-1.el9_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.24.4-1.el9_6.noarch",
"product": {
"name": "golang-misc-0:1.24.4-1.el9_6.noarch",
"product_id": "golang-misc-0:1.24.4-1.el9_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.24.4-1.el9_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.24.4-1.el9_6.noarch",
"product": {
"name": "golang-src-0:1.24.4-1.el9_6.noarch",
"product_id": "golang-src-0:1.24.4-1.el9_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.24.4-1.el9_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.24.4-1.el9_6.noarch",
"product": {
"name": "golang-tests-0:1.24.4-1.el9_6.noarch",
"product_id": "golang-tests-0:1.24.4-1.el9_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.24.4-1.el9_6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.4-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64"
},
"product_reference": "go-toolset-0:1.24.4-1.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.4-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le"
},
"product_reference": "go-toolset-0:1.24.4-1.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.4-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x"
},
"product_reference": "go-toolset-0:1.24.4-1.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.4-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64"
},
"product_reference": "go-toolset-0:1.24.4-1.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.4-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64"
},
"product_reference": "golang-0:1.24.4-1.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.4-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le"
},
"product_reference": "golang-0:1.24.4-1.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.4-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x"
},
"product_reference": "golang-0:1.24.4-1.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.4-1.el9_6.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src"
},
"product_reference": "golang-0:1.24.4-1.el9_6.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.4-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64"
},
"product_reference": "golang-0:1.24.4-1.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.4-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64"
},
"product_reference": "golang-bin-0:1.24.4-1.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.4-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le"
},
"product_reference": "golang-bin-0:1.24.4-1.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.4-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x"
},
"product_reference": "golang-bin-0:1.24.4-1.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.4-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64"
},
"product_reference": "golang-bin-0:1.24.4-1.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.24.4-1.el9_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch"
},
"product_reference": "golang-docs-0:1.24.4-1.el9_6.noarch",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.24.4-1.el9_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch"
},
"product_reference": "golang-misc-0:1.24.4-1.el9_6.noarch",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.4-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64"
},
"product_reference": "golang-race-0:1.24.4-1.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.4-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le"
},
"product_reference": "golang-race-0:1.24.4-1.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.4-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x"
},
"product_reference": "golang-race-0:1.24.4-1.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.4-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64"
},
"product_reference": "golang-race-0:1.24.4-1.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.24.4-1.el9_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch"
},
"product_reference": "golang-src-0:1.24.4-1.el9_6.noarch",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.24.4-1.el9_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch"
},
"product_reference": "golang-tests-0:1.24.4-1.el9_6.noarch",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4673",
"discovery_date": "2025-06-18T06:34:57.662025+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373305"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The issue is rated as Moderate because while it can lead to a significant compromise of confidentiality, the attack complexity is high. Successful exploitation requires a specific set of circumstances, including the use of a proxy that relies on these headers for authentication and a user being enticed to interact with a malicious URL. The vulnerability does not allow for arbitrary code execution or a direct compromise of system integrity or availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "RHBZ#2373305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"category": "external",
"summary": "https://go.dev/cl/679257",
"url": "https://go.dev/cl/679257"
},
{
"category": "external",
"summary": "https://go.dev/issue/73816",
"url": "https://go.dev/issue/73816"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3751",
"url": "https://pkg.go.dev/vuln/GO-2025-3751"
}
],
"release_date": "2025-06-11T16:42:53.054000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T00:58:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.4-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.4-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.4-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.4-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.4-1.el9_6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http"
}
]
}
rhsa-2025:10677
Vulnerability from csaf_redhat
Published
2025-07-09 00:55
Modified
2025-09-10 15:31
Summary
Red Hat Security Advisory: golang security update
Notes
Topic
An update for golang is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The golang packages provide the Go programming language compiler.
Security Fix(es):
* net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10677",
"url": "https://access.redhat.com/errata/RHSA-2025:10677"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2373305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10677.json"
}
],
"title": "Red Hat Security Advisory: golang security update",
"tracking": {
"current_release_date": "2025-09-10T15:31:56+00:00",
"generator": {
"date": "2025-09-10T15:31:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.7"
}
},
"id": "RHSA-2025:10677",
"initial_release_date": "2025-07-09T00:55:31+00:00",
"revision_history": [
{
"date": "2025-07-09T00:55:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-09T00:55:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-10T15:31:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.4-1.el10_0.aarch64",
"product": {
"name": "go-toolset-0:1.24.4-1.el10_0.aarch64",
"product_id": "go-toolset-0:1.24.4-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.4-1.el10_0.aarch64",
"product": {
"name": "golang-0:1.24.4-1.el10_0.aarch64",
"product_id": "golang-0:1.24.4-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.4-1.el10_0.aarch64",
"product": {
"name": "golang-bin-0:1.24.4-1.el10_0.aarch64",
"product_id": "golang-bin-0:1.24.4-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.4-1.el10_0.aarch64",
"product": {
"name": "golang-race-0:1.24.4-1.el10_0.aarch64",
"product_id": "golang-race-0:1.24.4-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el10_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.4-1.el10_0.ppc64le",
"product": {
"name": "go-toolset-0:1.24.4-1.el10_0.ppc64le",
"product_id": "go-toolset-0:1.24.4-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.4-1.el10_0.ppc64le",
"product": {
"name": "golang-0:1.24.4-1.el10_0.ppc64le",
"product_id": "golang-0:1.24.4-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.4-1.el10_0.ppc64le",
"product": {
"name": "golang-bin-0:1.24.4-1.el10_0.ppc64le",
"product_id": "golang-bin-0:1.24.4-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.4-1.el10_0.ppc64le",
"product": {
"name": "golang-race-0:1.24.4-1.el10_0.ppc64le",
"product_id": "golang-race-0:1.24.4-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el10_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.4-1.el10_0.x86_64",
"product": {
"name": "go-toolset-0:1.24.4-1.el10_0.x86_64",
"product_id": "go-toolset-0:1.24.4-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.4-1.el10_0.x86_64",
"product": {
"name": "golang-0:1.24.4-1.el10_0.x86_64",
"product_id": "golang-0:1.24.4-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.4-1.el10_0.x86_64",
"product": {
"name": "golang-bin-0:1.24.4-1.el10_0.x86_64",
"product_id": "golang-bin-0:1.24.4-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.4-1.el10_0.x86_64",
"product": {
"name": "golang-race-0:1.24.4-1.el10_0.x86_64",
"product_id": "golang-race-0:1.24.4-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el10_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.4-1.el10_0.s390x",
"product": {
"name": "go-toolset-0:1.24.4-1.el10_0.s390x",
"product_id": "go-toolset-0:1.24.4-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.4-1.el10_0.s390x",
"product": {
"name": "golang-0:1.24.4-1.el10_0.s390x",
"product_id": "golang-0:1.24.4-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.4-1.el10_0.s390x",
"product": {
"name": "golang-bin-0:1.24.4-1.el10_0.s390x",
"product_id": "golang-bin-0:1.24.4-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.4-1.el10_0.s390x",
"product": {
"name": "golang-race-0:1.24.4-1.el10_0.s390x",
"product_id": "golang-race-0:1.24.4-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.4-1.el10_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.24.4-1.el10_0.src",
"product": {
"name": "golang-0:1.24.4-1.el10_0.src",
"product_id": "golang-0:1.24.4-1.el10_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.el10_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.24.4-1.el10_0.noarch",
"product": {
"name": "golang-docs-0:1.24.4-1.el10_0.noarch",
"product_id": "golang-docs-0:1.24.4-1.el10_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.24.4-1.el10_0?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.24.4-1.el10_0.noarch",
"product": {
"name": "golang-misc-0:1.24.4-1.el10_0.noarch",
"product_id": "golang-misc-0:1.24.4-1.el10_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.24.4-1.el10_0?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.24.4-1.el10_0.noarch",
"product": {
"name": "golang-src-0:1.24.4-1.el10_0.noarch",
"product_id": "golang-src-0:1.24.4-1.el10_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.24.4-1.el10_0?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.24.4-1.el10_0.noarch",
"product": {
"name": "golang-tests-0:1.24.4-1.el10_0.noarch",
"product_id": "golang-tests-0:1.24.4-1.el10_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.24.4-1.el10_0?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.4-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64"
},
"product_reference": "go-toolset-0:1.24.4-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.4-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le"
},
"product_reference": "go-toolset-0:1.24.4-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.4-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x"
},
"product_reference": "go-toolset-0:1.24.4-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.4-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64"
},
"product_reference": "go-toolset-0:1.24.4-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.4-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64"
},
"product_reference": "golang-0:1.24.4-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.4-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le"
},
"product_reference": "golang-0:1.24.4-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.4-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x"
},
"product_reference": "golang-0:1.24.4-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.4-1.el10_0.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src"
},
"product_reference": "golang-0:1.24.4-1.el10_0.src",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.4-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64"
},
"product_reference": "golang-0:1.24.4-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.4-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64"
},
"product_reference": "golang-bin-0:1.24.4-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.4-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le"
},
"product_reference": "golang-bin-0:1.24.4-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.4-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x"
},
"product_reference": "golang-bin-0:1.24.4-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.4-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64"
},
"product_reference": "golang-bin-0:1.24.4-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.24.4-1.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch"
},
"product_reference": "golang-docs-0:1.24.4-1.el10_0.noarch",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.24.4-1.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch"
},
"product_reference": "golang-misc-0:1.24.4-1.el10_0.noarch",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.4-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64"
},
"product_reference": "golang-race-0:1.24.4-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.4-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le"
},
"product_reference": "golang-race-0:1.24.4-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.4-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x"
},
"product_reference": "golang-race-0:1.24.4-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.4-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64"
},
"product_reference": "golang-race-0:1.24.4-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.24.4-1.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch"
},
"product_reference": "golang-src-0:1.24.4-1.el10_0.noarch",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.24.4-1.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch"
},
"product_reference": "golang-tests-0:1.24.4-1.el10_0.noarch",
"relates_to_product_reference": "AppStream-10.0.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4673",
"discovery_date": "2025-06-18T06:34:57.662025+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373305"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The issue is rated as Moderate because while it can lead to a significant compromise of confidentiality, the attack complexity is high. Successful exploitation requires a specific set of circumstances, including the use of a proxy that relies on these headers for authentication and a user being enticed to interact with a malicious URL. The vulnerability does not allow for arbitrary code execution or a direct compromise of system integrity or availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "RHBZ#2373305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"category": "external",
"summary": "https://go.dev/cl/679257",
"url": "https://go.dev/cl/679257"
},
{
"category": "external",
"summary": "https://go.dev/issue/73816",
"url": "https://go.dev/issue/73816"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3751",
"url": "https://pkg.go.dev/vuln/GO-2025-3751"
}
],
"release_date": "2025-06-11T16:42:53.054000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T00:55:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10677"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.4-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.4-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.4-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.4-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.4-1.el10_0.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http"
}
]
}
rhsa-2025:10672
Vulnerability from csaf_redhat
Published
2025-07-09 00:58
Modified
2025-09-10 15:31
Summary
Red Hat Security Advisory: go-toolset:rhel8 security update
Notes
Topic
An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10672",
"url": "https://access.redhat.com/errata/RHSA-2025:10672"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2373305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10672.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security update",
"tracking": {
"current_release_date": "2025-09-10T15:31:55+00:00",
"generator": {
"date": "2025-09-10T15:31:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.7"
}
},
"id": "RHSA-2025:10672",
"initial_release_date": "2025-07-09T00:58:21+00:00",
"revision_history": [
{
"date": "2025-07-09T00:58:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-09T00:58:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-10T15:31:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm-go-toolset:rhel8",
"product": {
"name": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm (go-toolset:rhel8)",
"product_id": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.24.1-1.module%2Bel8.10.0%2B22945%2Bb2c96a17?arch=src\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"product": {
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm (go-toolset:rhel8)",
"product_id": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=src\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"product": {
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm (go-toolset:rhel8)",
"product_id": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=src\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"product": {
"name": "golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm (go-toolset:rhel8)",
"product_id": "golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"product": {
"name": "golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm (go-toolset:rhel8)",
"product_id": "golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"product": {
"name": "golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm (go-toolset:rhel8)",
"product_id": "golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"product": {
"name": "golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm (go-toolset:rhel8)",
"product_id": "golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"product": {
"name": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm (go-toolset:rhel8)",
"product_id": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.24.1-1.module%2Bel8.10.0%2B22945%2Bb2c96a17?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm (go-toolset:rhel8)",
"product_id": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.24.1-1.module%2Bel8.10.0%2B22945%2Bb2c96a17?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"product": {
"name": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm (go-toolset:rhel8)",
"product_id": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.24.1-1.module%2Bel8.10.0%2B22945%2Bb2c96a17?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"product": {
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm (go-toolset:rhel8)",
"product_id": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"product": {
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm (go-toolset:rhel8)",
"product_id": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"product": {
"name": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm (go-toolset:rhel8)",
"product_id": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"product": {
"name": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm (go-toolset:rhel8)",
"product_id": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.24.1-1.module%2Bel8.10.0%2B22945%2Bb2c96a17?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm (go-toolset:rhel8)",
"product_id": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.24.1-1.module%2Bel8.10.0%2B22945%2Bb2c96a17?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"product": {
"name": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm (go-toolset:rhel8)",
"product_id": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.24.1-1.module%2Bel8.10.0%2B22945%2Bb2c96a17?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"product": {
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm (go-toolset:rhel8)",
"product_id": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"product": {
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm (go-toolset:rhel8)",
"product_id": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"product": {
"name": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm (go-toolset:rhel8)",
"product_id": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"product": {
"name": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm (go-toolset:rhel8)",
"product_id": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.24.1-1.module%2Bel8.10.0%2B22945%2Bb2c96a17?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm (go-toolset:rhel8)",
"product_id": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.24.1-1.module%2Bel8.10.0%2B22945%2Bb2c96a17?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"product": {
"name": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm (go-toolset:rhel8)",
"product_id": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.24.1-1.module%2Bel8.10.0%2B22945%2Bb2c96a17?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"product": {
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm (go-toolset:rhel8)",
"product_id": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"product": {
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm (go-toolset:rhel8)",
"product_id": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"product": {
"name": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm (go-toolset:rhel8)",
"product_id": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"product": {
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm (go-toolset:rhel8)",
"product_id": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"product": {
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm (go-toolset:rhel8)",
"product_id": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"product": {
"name": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm (go-toolset:rhel8)",
"product_id": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.4-1.module%2Bel8.10.0%2B23323%2B67916f33?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020250705224704:a3795dee"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8"
},
"product_reference": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8"
},
"product_reference": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm-go-toolset:rhel8"
},
"product_reference": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8"
},
"product_reference": "delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8"
},
"product_reference": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8"
},
"product_reference": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8"
},
"product_reference": "delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8"
},
"product_reference": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8"
},
"product_reference": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8"
},
"product_reference": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8"
},
"product_reference": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8"
},
"product_reference": "go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8"
},
"product_reference": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8"
},
"product_reference": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8"
},
"product_reference": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8"
},
"product_reference": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8"
},
"product_reference": "golang-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8"
},
"product_reference": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8"
},
"product_reference": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8"
},
"product_reference": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8"
},
"product_reference": "golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8"
},
"product_reference": "golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8"
},
"product_reference": "golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8"
},
"product_reference": "golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8"
},
"product_reference": "golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4673",
"discovery_date": "2025-06-18T06:34:57.662025+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373305"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The issue is rated as Moderate because while it can lead to a significant compromise of confidentiality, the attack complexity is high. Successful exploitation requires a specific set of circumstances, including the use of a proxy that relies on these headers for authentication and a user being enticed to interact with a malicious URL. The vulnerability does not allow for arbitrary code execution or a direct compromise of system integrity or availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "RHBZ#2373305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373305"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"category": "external",
"summary": "https://go.dev/cl/679257",
"url": "https://go.dev/cl/679257"
},
{
"category": "external",
"summary": "https://go.dev/issue/73816",
"url": "https://go.dev/issue/73816"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3751",
"url": "https://pkg.go.dev/vuln/GO-2025-3751"
}
],
"release_date": "2025-06-11T16:42:53.054000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T00:58:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10672"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.src.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-1.24.1-1.module+el8.10.0+22945+b2c96a17.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.src.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.aarch64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.ppc64le.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.s390x.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-1.24.4-1.module+el8.10.0+23323+67916f33.x86_64.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-1.24.4-1.module+el8.10.0+23323+67916f33.noarch.rpm-go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Sensitive headers not cleared on cross-origin redirect in net/http"
}
]
}
fkie_cve-2025-4673
Vulnerability from fkie_nvd
Published
2025-06-11 17:15
Modified
2025-06-12 16:06
Severity ?
Summary
Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information."
},
{
"lang": "es",
"value": "Los encabezados Proxy-Authorization y Proxy-Authenticate persistieron en redirecciones de origen cruzado, lo que potencialmente filtr\u00f3 informaci\u00f3n confidencial."
}
],
"id": "CVE-2025-4673",
"lastModified": "2025-06-12T16:06:20.180",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-06-11T17:15:42.993",
"references": [
{
"source": "security@golang.org",
"url": "https://go.dev/cl/679257"
},
{
"source": "security@golang.org",
"url": "https://go.dev/issue/73816"
},
{
"source": "security@golang.org",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"source": "security@golang.org",
"url": "https://pkg.go.dev/vuln/GO-2025-3751"
}
],
"sourceIdentifier": "security@golang.org",
"vulnStatus": "Awaiting Analysis"
}
opensuse-su-2025:15225-1
Vulnerability from csaf_opensuse
Published
2025-07-03 00:00
Modified
2025-07-03 00:00
Summary
govulncheck-vulndb-0.0.20250612T141001-1.1 on GA media
Notes
Title of the patch
govulncheck-vulndb-0.0.20250612T141001-1.1 on GA media
Description of the patch
These are all security issues fixed in the govulncheck-vulndb-0.0.20250612T141001-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15225
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "govulncheck-vulndb-0.0.20250612T141001-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the govulncheck-vulndb-0.0.20250612T141001-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15225",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15225-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36846 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31022 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-42818 page",
"url": "https://www.suse.com/security/cve/CVE-2023-42818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-1792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-1792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22874 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-25207 page",
"url": "https://www.suse.com/security/cve/CVE-2025-25207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-25208 page",
"url": "https://www.suse.com/security/cve/CVE-2025-25208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2571 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-29785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-29785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3230 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3260 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3260/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3454 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3611 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4128 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4128/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4573 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4573/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47950 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-48494 page",
"url": "https://www.suse.com/security/cve/CVE-2025-48494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-48495 page",
"url": "https://www.suse.com/security/cve/CVE-2025-48495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-48710 page",
"url": "https://www.suse.com/security/cve/CVE-2025-48710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-48865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-48865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-48938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-48938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-48948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-48948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-48949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-48949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49011 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49140/"
}
],
"title": "govulncheck-vulndb-0.0.20250612T141001-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15225-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"product": {
"name": "govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"product_id": "govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"product": {
"name": "govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"product_id": "govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"product": {
"name": "govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"product_id": "govulncheck-vulndb-0.0.20250612T141001-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64",
"product": {
"name": "govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64",
"product_id": "govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64"
},
"product_reference": "govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le"
},
"product_reference": "govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250612T141001-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x"
},
"product_reference": "govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
},
"product_reference": "govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36846"
}
],
"notes": [
{
"category": "general",
"text": "A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a \"one-shot\" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your IO::Compress::Brotli module to 0.007 or later. If one cannot update, we recommend to use the \"streaming\" API as opposed to the \"one-shot\" API, and impose chunk size limits.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36846",
"url": "https://www.suse.com/security/cve/CVE-2020-36846"
},
{
"category": "external",
"summary": "SUSE Bug 1175825 for CVE-2020-36846",
"url": "https://bugzilla.suse.com/1175825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2020-36846"
},
{
"cve": "CVE-2022-31022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31022"
}
],
"notes": [
{
"category": "general",
"text": "Bleve is a text indexing library for go. Bleve includes HTTP utilities under bleve/http package, that are used by its sample application. These HTTP methods pave way for exploitation of a node\u0027s filesystem where the bleve index resides, if the user has used bleve\u0027s own HTTP (bleve/http) handlers for exposing the access to the indexes. For instance, the CreateIndexHandler (`http/index_create.go`) and DeleteIndexHandler (`http/index_delete.go`) enable an attacker to create a bleve index (directory structure) anywhere where the user running the server has the write permissions and to delete recursively any directory owned by the same user account. Users who have used the bleve/http package for exposing access to bleve index without the explicit \nhandling for the Role Based Access Controls(RBAC) of the index assets would be impacted by this issue. Version 2.5.0 relocated the `http/` dir used _only_ by bleve-explorer to `blevesearch/bleve-explorer`, thereby addressing the issue. However, the http package is purely intended to be used for demonstration purposes. Bleve was never designed handle the RBACs, nor it was ever advertised to be used in that way. The collaborators of this project have decided to stay away from adding any authentication or authorization to bleve project at the moment. The bleve/http package is mainly for demonstration purposes and it lacks exhaustive validation of the user inputs as well as any authentication and authorization measures. It is recommended to not use bleve/http in production use cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31022",
"url": "https://www.suse.com/security/cve/CVE-2022-31022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-31022"
},
{
"cve": "CVE-2023-42818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-42818"
}
],
"notes": [
{
"category": "general",
"text": "JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force authentication against the SSH service This issue has been patched in versions 3.6.5 and 3.5.6. Users are advised to upgrade. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-42818",
"url": "https://www.suse.com/security/cve/CVE-2023-42818"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-42818"
},
{
"cve": "CVE-2025-0913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0913"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0913",
"url": "https://www.suse.com/security/cve/CVE-2025-0913"
},
{
"category": "external",
"summary": "SUSE Bug 1244157 for CVE-2025-0913",
"url": "https://bugzilla.suse.com/1244157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-0913"
},
{
"cve": "CVE-2025-1792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-1792"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fail to properly enforce access controls for guest users accessing channel member information, allowing authenticated guest users to view metadata about members of public channels via the channel members API endpoint.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-1792",
"url": "https://www.suse.com/security/cve/CVE-2025-1792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-1792"
},
{
"cve": "CVE-2025-22874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22874"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22874",
"url": "https://www.suse.com/security/cve/CVE-2025-22874"
},
{
"category": "external",
"summary": "SUSE Bug 1244158 for CVE-2025-22874",
"url": "https://bugzilla.suse.com/1244158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22874"
},
{
"cve": "CVE-2025-25207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-25207"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-25207",
"url": "https://www.suse.com/security/cve/CVE-2025-25207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-25207"
},
{
"cve": "CVE-2025-25208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-25208"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-25208",
"url": "https://www.suse.com/security/cve/CVE-2025-25208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-25208"
},
{
"cve": "CVE-2025-2571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2571"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.6.x \u003c= 10.6.2, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fail to clear Google OAuth credentials when converting user accounts to bot accounts, allowing attackers to gain unauthorized access to bot accounts via the Google OAuth signup flow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2571",
"url": "https://www.suse.com/security/cve/CVE-2025-2571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-2571"
},
{
"cve": "CVE-2025-29785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-29785"
}
],
"notes": [
{
"category": "general",
"text": "quic-go is an implementation of the QUIC protocol in Go. The loss recovery logic for path probe packets that was added in the v0.50.0 release can be used to trigger a nil-pointer dereference by a malicious QUIC client. In order to do so, the attacker first sends valid QUIC packets from different remote addresses (thereby triggering the newly added path validation logic: the server sends path probe packets), and then sending ACKs for packets received from the server specifically crafted to trigger the nil-pointer dereference. v0.50.1 contains a patch that fixes the vulnerability. This release contains a test that generates random sequences of sent packets (both regular and path probe packets), that was used to verify that the patch actually covers all corner cases. No known workarounds are available.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-29785",
"url": "https://www.suse.com/security/cve/CVE-2025-29785"
},
{
"category": "external",
"summary": "SUSE Bug 1243936 for CVE-2025-29785",
"url": "https://bugzilla.suse.com/1243936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-29785"
},
{
"cve": "CVE-2025-3230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3230"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.6.x \u003c= 10.6.2, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fails to properly invalidate personal access tokens upon user deactivation, allowing deactivated users to maintain full system access by exploiting access token validation flaws via continued usage of previously issued tokens.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3230",
"url": "https://www.suse.com/security/cve/CVE-2025-3230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-3230"
},
{
"cve": "CVE-2025-3260",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3260"
}
],
"notes": [
{
"category": "general",
"text": "A security vulnerability in the /apis/dashboard.grafana.app/* endpoints allows authenticated users to bypass dashboard and folder permissions. The vulnerability affects all API versions (v0alpha1, v1alpha1, v2alpha1).\n\nImpact:\n\n- Viewers can view all dashboards/folders regardless of permissions\n\n- Editors can view/edit/delete all dashboards/folders regardless of permissions\n\n- Editors can create dashboards in any folder regardless of permissions\n\n- Anonymous users with viewer/editor roles are similarly affected\n\nOrganization isolation boundaries remain intact. The vulnerability only affects dashboard access and does not grant access to datasources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3260",
"url": "https://www.suse.com/security/cve/CVE-2025-3260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-3260"
},
{
"cve": "CVE-2025-3454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3454"
}
],
"notes": [
{
"category": "general",
"text": "This vulnerability in Grafana\u0027s datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path.\n\nUsers with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources.\n\nThe issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3454",
"url": "https://www.suse.com/security/cve/CVE-2025-3454"
},
{
"category": "external",
"summary": "SUSE Bug 1241683 for CVE-2025-3454",
"url": "https://bugzilla.suse.com/1241683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-3454"
},
{
"cve": "CVE-2025-3611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3611"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team endpoints, even when explicitly configured with \u0027No access\u0027 to Teams in the System Console.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3611",
"url": "https://www.suse.com/security/cve/CVE-2025-3611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-3611"
},
{
"cve": "CVE-2025-3913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3913"
}
],
"notes": [
{
"category": "general",
"text": "Mattermost versions 10.7.x \u003c= 10.7.0, 10.6.x \u003c= 10.6.2, 10.5.x \u003c= 10.5.3, 9.11.x \u003c= 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the \u0027invite user\u0027 permission to access and modify team invite IDs via the /api/v4/teams/:teamId/privacy endpoint.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3913",
"url": "https://www.suse.com/security/cve/CVE-2025-3913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-3913"
},
{
"cve": "CVE-2025-4128",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4128"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4128",
"url": "https://www.suse.com/security/cve/CVE-2025-4128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-4128"
},
{
"cve": "CVE-2025-4573",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4573"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4573",
"url": "https://www.suse.com/security/cve/CVE-2025-4573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-4573"
},
{
"cve": "CVE-2025-4673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4673"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4673",
"url": "https://www.suse.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "SUSE Bug 1244156 for CVE-2025-4673",
"url": "https://bugzilla.suse.com/1244156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-4673"
},
{
"cve": "CVE-2025-47950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47950"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47950",
"url": "https://www.suse.com/security/cve/CVE-2025-47950"
},
{
"category": "external",
"summary": "SUSE Bug 1244331 for CVE-2025-47950",
"url": "https://bugzilla.suse.com/1244331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47950"
},
{
"cve": "CVE-2025-48494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-48494"
}
],
"notes": [
{
"category": "general",
"text": "Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. When using end-to-end encryption, a stored cross-site scripting vulnerability can be exploited by uploading a file with JavaScript code embedded in the filename. After upload and every time someone opens the upload list, the script is then parsed. Prior to version 2.0.0, there was no user permission system implemented, therefore all authenticated users were already able to see and modify all resources, even if end-to-end encrypted, as the encryption key had to be the same for all users using a version prior to 2.0.0. If a user is the only authenticated user using Gokapi, they are not affected. This issue has been fixed in v2.0.0. A possible workaround would be to disable end-to-end encryption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-48494",
"url": "https://www.suse.com/security/cve/CVE-2025-48494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-48494"
},
{
"cve": "CVE-2025-48495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-48495"
}
],
"notes": [
{
"category": "general",
"text": "Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. By renaming the friendly name of an API key, an authenticated user could inject JS into the API key overview, which would also be executed when another user clicks on his API tab. Prior to version 2.0.0, there was no user permission system implemented, therefore all authenticated users were already able to see and modify all resources, even if end-to-end encrypted, as the encryption key had to be the same for all users of versions prior to 2.0.0. If a user is the only authenticated user using Gokapi, they are not affected. This issue has been fixed in v2.0.0. A workaround would be to not open the API page if it is possible that another user might have injected code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-48495",
"url": "https://www.suse.com/security/cve/CVE-2025-48495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-48495"
},
{
"cve": "CVE-2025-48710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-48710"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-48710",
"url": "https://www.suse.com/security/cve/CVE-2025-48710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-48710"
},
{
"cve": "CVE-2025-48865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-48865"
}
],
"notes": [
{
"category": "general",
"text": "Fabio is an HTTP(S) and TCP router for deploying applications managed by consul. Prior to version 1.6.6, Fabio allows clients to remove X-Forwarded headers (except X-Forwarded-For) due to a vulnerability in how it processes hop-by-hop headers. Fabio adds HTTP headers like X-Forwarded-Host and X-Forwarded-Port when routing requests to backend applications. Since the receiving application should trust these headers, allowing HTTP clients to remove or modify them creates potential security vulnerabilities. Some of these custom headers can be removed and, in certain cases, manipulated. The attack relies on the behavior that headers can be defined as hop-by-hop via the HTTP Connection header. This issue has been patched in version 1.6.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-48865",
"url": "https://www.suse.com/security/cve/CVE-2025-48865"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2025-48865"
},
{
"cve": "CVE-2025-48938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-48938"
}
],
"notes": [
{
"category": "general",
"text": "go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user\u0027s machine by replacing HTTP URLs provided by GitHub with local file paths for browsing. In `2.12.1`, `Browser.Browse()` has been enhanced to allow and disallow a variety of scenarios to avoid opening or executing files on the filesystem without unduly impacting HTTP URLs. No known workarounds are available other than upgrading.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-48938",
"url": "https://www.suse.com/security/cve/CVE-2025-48938"
},
{
"category": "external",
"summary": "SUSE Bug 1243930 for CVE-2025-48938",
"url": "https://bugzilla.suse.com/1243930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-48938"
},
{
"cve": "CVE-2025-48948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-48948"
}
],
"notes": [
{
"category": "general",
"text": "Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating, modifying, and deleting transcoding settings. In the threat model where administrators are trusted but regular users are not, this vulnerability represents a significant security risk when transcoding is enabled. Version 0.56.0 patches the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-48948",
"url": "https://www.suse.com/security/cve/CVE-2025-48948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-48948"
},
{
"cve": "CVE-2025-48949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-48949"
}
],
"notes": [
{
"category": "general",
"text": "Navidrome is an open source web-based music collection server and streamer. Versions 0.55.0 through 0.55.2 have a vulnerability due to improper input validation on the `role` parameter within the API endpoint `/api/artist`. Attackers can exploit this flaw to inject arbitrary SQL queries, potentially gaining unauthorized access to the backend database and compromising sensitive user information. Version 0.56.0 contains a patch for the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-48949",
"url": "https://www.suse.com/security/cve/CVE-2025-48949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-48949"
},
{
"cve": "CVE-2025-49011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49011"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49011",
"url": "https://www.suse.com/security/cve/CVE-2025-49011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-49011"
},
{
"cve": "CVE-2025-49136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49136"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49136",
"url": "https://www.suse.com/security/cve/CVE-2025-49136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-49136"
},
{
"cve": "CVE-2025-49140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49140"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49140",
"url": "https://www.suse.com/security/cve/CVE-2025-49140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250612T141001-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-49140"
}
]
}
opensuse-su-2025:15224-1
Vulnerability from csaf_opensuse
Published
2025-07-03 00:00
Modified
2025-07-03 00:00
Summary
go1.24-1.24.4-1.1 on GA media
Notes
Title of the patch
go1.24-1.24.4-1.1 on GA media
Description of the patch
These are all security issues fixed in the go1.24-1.24.4-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15224
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.24-1.24.4-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.24-1.24.4-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15224",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15224-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22874 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4673/"
}
],
"title": "go1.24-1.24.4-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15224-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.4-1.1.aarch64",
"product": {
"name": "go1.24-1.24.4-1.1.aarch64",
"product_id": "go1.24-1.24.4-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.4-1.1.aarch64",
"product": {
"name": "go1.24-doc-1.24.4-1.1.aarch64",
"product_id": "go1.24-doc-1.24.4-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.4-1.1.aarch64",
"product": {
"name": "go1.24-libstd-1.24.4-1.1.aarch64",
"product_id": "go1.24-libstd-1.24.4-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.4-1.1.aarch64",
"product": {
"name": "go1.24-race-1.24.4-1.1.aarch64",
"product_id": "go1.24-race-1.24.4-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.4-1.1.ppc64le",
"product": {
"name": "go1.24-1.24.4-1.1.ppc64le",
"product_id": "go1.24-1.24.4-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.4-1.1.ppc64le",
"product": {
"name": "go1.24-doc-1.24.4-1.1.ppc64le",
"product_id": "go1.24-doc-1.24.4-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.4-1.1.ppc64le",
"product": {
"name": "go1.24-libstd-1.24.4-1.1.ppc64le",
"product_id": "go1.24-libstd-1.24.4-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.4-1.1.ppc64le",
"product": {
"name": "go1.24-race-1.24.4-1.1.ppc64le",
"product_id": "go1.24-race-1.24.4-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.4-1.1.s390x",
"product": {
"name": "go1.24-1.24.4-1.1.s390x",
"product_id": "go1.24-1.24.4-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.4-1.1.s390x",
"product": {
"name": "go1.24-doc-1.24.4-1.1.s390x",
"product_id": "go1.24-doc-1.24.4-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.4-1.1.s390x",
"product": {
"name": "go1.24-libstd-1.24.4-1.1.s390x",
"product_id": "go1.24-libstd-1.24.4-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.4-1.1.s390x",
"product": {
"name": "go1.24-race-1.24.4-1.1.s390x",
"product_id": "go1.24-race-1.24.4-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.4-1.1.x86_64",
"product": {
"name": "go1.24-1.24.4-1.1.x86_64",
"product_id": "go1.24-1.24.4-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.4-1.1.x86_64",
"product": {
"name": "go1.24-doc-1.24.4-1.1.x86_64",
"product_id": "go1.24-doc-1.24.4-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.4-1.1.x86_64",
"product": {
"name": "go1.24-libstd-1.24.4-1.1.x86_64",
"product_id": "go1.24-libstd-1.24.4-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.4-1.1.x86_64",
"product": {
"name": "go1.24-race-1.24.4-1.1.x86_64",
"product_id": "go1.24-race-1.24.4-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64"
},
"product_reference": "go1.24-1.24.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le"
},
"product_reference": "go1.24-1.24.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x"
},
"product_reference": "go1.24-1.24.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64"
},
"product_reference": "go1.24-1.24.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x"
},
"product_reference": "go1.24-doc-1.24.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64"
},
"product_reference": "go1.24-libstd-1.24.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le"
},
"product_reference": "go1.24-libstd-1.24.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x"
},
"product_reference": "go1.24-libstd-1.24.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64"
},
"product_reference": "go1.24-libstd-1.24.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64"
},
"product_reference": "go1.24-race-1.24.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x"
},
"product_reference": "go1.24-race-1.24.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64"
},
"product_reference": "go1.24-race-1.24.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0913"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0913",
"url": "https://www.suse.com/security/cve/CVE-2025-0913"
},
{
"category": "external",
"summary": "SUSE Bug 1244157 for CVE-2025-0913",
"url": "https://bugzilla.suse.com/1244157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-0913"
},
{
"cve": "CVE-2025-22874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22874"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22874",
"url": "https://www.suse.com/security/cve/CVE-2025-22874"
},
{
"category": "external",
"summary": "SUSE Bug 1244158 for CVE-2025-22874",
"url": "https://bugzilla.suse.com/1244158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22874"
},
{
"cve": "CVE-2025-4673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4673"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4673",
"url": "https://www.suse.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "SUSE Bug 1244156 for CVE-2025-4673",
"url": "https://bugzilla.suse.com/1244156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.4-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-4673"
}
]
}
opensuse-su-2025:15223-1
Vulnerability from csaf_opensuse
Published
2025-07-03 00:00
Modified
2025-07-03 00:00
Summary
go1.23-1.23.10-1.1 on GA media
Notes
Title of the patch
go1.23-1.23.10-1.1 on GA media
Description of the patch
These are all security issues fixed in the go1.23-1.23.10-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15223
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.23-1.23.10-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.23-1.23.10-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15223",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15223-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4673/"
}
],
"title": "go1.23-1.23.10-1.1 on GA media",
"tracking": {
"current_release_date": "2025-07-03T00:00:00Z",
"generator": {
"date": "2025-07-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15223-1",
"initial_release_date": "2025-07-03T00:00:00Z",
"revision_history": [
{
"date": "2025-07-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.23-1.23.10-1.1.aarch64",
"product": {
"name": "go1.23-1.23.10-1.1.aarch64",
"product_id": "go1.23-1.23.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-doc-1.23.10-1.1.aarch64",
"product": {
"name": "go1.23-doc-1.23.10-1.1.aarch64",
"product_id": "go1.23-doc-1.23.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-libstd-1.23.10-1.1.aarch64",
"product": {
"name": "go1.23-libstd-1.23.10-1.1.aarch64",
"product_id": "go1.23-libstd-1.23.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-race-1.23.10-1.1.aarch64",
"product": {
"name": "go1.23-race-1.23.10-1.1.aarch64",
"product_id": "go1.23-race-1.23.10-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-1.23.10-1.1.ppc64le",
"product": {
"name": "go1.23-1.23.10-1.1.ppc64le",
"product_id": "go1.23-1.23.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-doc-1.23.10-1.1.ppc64le",
"product": {
"name": "go1.23-doc-1.23.10-1.1.ppc64le",
"product_id": "go1.23-doc-1.23.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-libstd-1.23.10-1.1.ppc64le",
"product": {
"name": "go1.23-libstd-1.23.10-1.1.ppc64le",
"product_id": "go1.23-libstd-1.23.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-race-1.23.10-1.1.ppc64le",
"product": {
"name": "go1.23-race-1.23.10-1.1.ppc64le",
"product_id": "go1.23-race-1.23.10-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-1.23.10-1.1.s390x",
"product": {
"name": "go1.23-1.23.10-1.1.s390x",
"product_id": "go1.23-1.23.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-doc-1.23.10-1.1.s390x",
"product": {
"name": "go1.23-doc-1.23.10-1.1.s390x",
"product_id": "go1.23-doc-1.23.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-libstd-1.23.10-1.1.s390x",
"product": {
"name": "go1.23-libstd-1.23.10-1.1.s390x",
"product_id": "go1.23-libstd-1.23.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-race-1.23.10-1.1.s390x",
"product": {
"name": "go1.23-race-1.23.10-1.1.s390x",
"product_id": "go1.23-race-1.23.10-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-1.23.10-1.1.x86_64",
"product": {
"name": "go1.23-1.23.10-1.1.x86_64",
"product_id": "go1.23-1.23.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-doc-1.23.10-1.1.x86_64",
"product": {
"name": "go1.23-doc-1.23.10-1.1.x86_64",
"product_id": "go1.23-doc-1.23.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-libstd-1.23.10-1.1.x86_64",
"product": {
"name": "go1.23-libstd-1.23.10-1.1.x86_64",
"product_id": "go1.23-libstd-1.23.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-race-1.23.10-1.1.x86_64",
"product": {
"name": "go1.23-race-1.23.10-1.1.x86_64",
"product_id": "go1.23-race-1.23.10-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-1.23.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-1.23.10-1.1.aarch64"
},
"product_reference": "go1.23-1.23.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-1.23.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-1.23.10-1.1.ppc64le"
},
"product_reference": "go1.23-1.23.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-1.23.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-1.23.10-1.1.s390x"
},
"product_reference": "go1.23-1.23.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-1.23.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-1.23.10-1.1.x86_64"
},
"product_reference": "go1.23-1.23.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-doc-1.23.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.aarch64"
},
"product_reference": "go1.23-doc-1.23.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-doc-1.23.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.ppc64le"
},
"product_reference": "go1.23-doc-1.23.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-doc-1.23.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.s390x"
},
"product_reference": "go1.23-doc-1.23.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-doc-1.23.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.x86_64"
},
"product_reference": "go1.23-doc-1.23.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-libstd-1.23.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.aarch64"
},
"product_reference": "go1.23-libstd-1.23.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-libstd-1.23.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.ppc64le"
},
"product_reference": "go1.23-libstd-1.23.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-libstd-1.23.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.s390x"
},
"product_reference": "go1.23-libstd-1.23.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-libstd-1.23.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.x86_64"
},
"product_reference": "go1.23-libstd-1.23.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-race-1.23.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.aarch64"
},
"product_reference": "go1.23-race-1.23.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-race-1.23.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.ppc64le"
},
"product_reference": "go1.23-race-1.23.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-race-1.23.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.s390x"
},
"product_reference": "go1.23-race-1.23.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-race-1.23.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.x86_64"
},
"product_reference": "go1.23-race-1.23.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0913"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0913",
"url": "https://www.suse.com/security/cve/CVE-2025-0913"
},
{
"category": "external",
"summary": "SUSE Bug 1244157 for CVE-2025-0913",
"url": "https://bugzilla.suse.com/1244157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-0913"
},
{
"cve": "CVE-2025-4673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4673"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4673",
"url": "https://www.suse.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "SUSE Bug 1244156 for CVE-2025-4673",
"url": "https://bugzilla.suse.com/1244156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-doc-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-libstd-1.23.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.s390x",
"openSUSE Tumbleweed:go1.23-race-1.23.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-03T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-4673"
}
]
}
ghsa-62jj-gr2r-5c34
Vulnerability from github
Published
2025-06-11 18:35
Modified
2025-06-11 18:35
Severity ?
VLAI Severity ?
Details
Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
{
"affected": [],
"aliases": [
"CVE-2025-4673"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-11T17:15:42Z",
"severity": "MODERATE"
},
"details": "Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.",
"id": "GHSA-62jj-gr2r-5c34",
"modified": "2025-06-11T18:35:43Z",
"published": "2025-06-11T18:35:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://go.dev/cl/679257"
},
{
"type": "WEB",
"url": "https://go.dev/issue/73816"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2025-3751"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
suse-su-2025:03158-1
Vulnerability from csaf_suse
Published
2025-09-11 03:04
Modified
2025-09-11 03:04
Summary
Security update for go1.24-openssl
Notes
Title of the patch
Security update for go1.24-openssl
Description of the patch
This security update of go1.24-openssl fixes the following issues:
Update to version 1.24.6 cut from the go1.24-fips-release
branch at the revision tagged go1.24.6-1-openssl-fips.
Refs jsc#SLE-18320
* Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil
salt to be passed as a hash length buffer of zeros.
go1.24.6 (released 2025-08-06) includes security fixes to the
database/sql and os/exec packages, as well as bug fixes to the
runtime. ( boo#1236217 go1.24 release tracking)
CVE-2025-47906 CVE-2025-47907:
* go#74804 go#74466 boo#1247719 security: fix CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of '', '.' and '..' in some PATH configurations
* go#74833 go#74831 boo#1247720 security: fix CVE-2025-47907 database/sql: incorrect results returned from Rows.Scan
* go#73800 runtime: RSS seems to have increased in Go 1.24 while the runtime accounting has not
* go#74416 runtime: use-after-free of allpSnapshot in findRunnable
* go#74694 runtime: segfaults in runtime.(*unwinder).next
* go#74760 os/user:nolibgcc: TestGroupIdsTestUser failures
go1.24.5 (released 2025-07-08) includes security fixes to the go
command, as well as bug fixes to the compiler, the linker, the , and
the go command. ( boo#1236217 go1.24 release tracking)
j
CVE-2025-4674:
* go#74381 go#74380 boo#1246118 security: fix CVE-2025-4674 cmd/go: disable support for multiple vcs in one module
* go#73908 runtime: bad frame pointer during panic during duffcopy
* go#74098 cmd/compile: regression on ppc64le bit operations
* go#74113 cmd/go: crash on unknown GOEXPERIMENT during toolchain selection
* go#74290 runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning
* go#74294 internal/trace: stress tests triggering suspected deadlock in tracer
* go#74346 runtime: memlock not unlocked in all control flow paths in sysReserveAlignedSbrk
* go#74363 runtime/pprof: crash 'cannot read stack of running goroutine' in goroutine profile
* go#74403 cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN
go1.24.4 (released 2025-06-05) includes security fixes to the
crypto/x509, net/http, and os packages, as well as bug fixes to
the linker, the go command, and the hash/maphash and os packages.
( boo#1236217 go1.24 release tracking)
CVE-2025-22874 CVE-2025-0913 CVE-2025-4673
* go#73700 go#73702 boo#1244158 security: fix CVE-2025-22874 crypto/x509: ExtKeyUsageAny bypasses policy validation
* go#73720 go#73612 boo#1244157 security: fix CVE-2025-0913 os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows
* go#73906 go#73816 boo#1244156 security: fix CVE-2025-4673 net/http: sensitive headers not cleared on cross-origin redirect
* go#73570 os: Root.Mkdir creates directories with zero permissions on OpenBSD
* go#73669 hash/maphash: hashing channels with purego impl. of maphash.Comparable panics
* go#73678 runtime/debug: BuildSetting does not document DefaultGODEBUG
* go#73809 cmd/go: add fips140 module selection mechanism
* go#73832 cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen
Patchnames
SUSE-2025-3158,SUSE-SLE-Module-Development-Tools-15-SP6-2025-3158,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3158,openSUSE-SLE-15.6-2025-3158
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.24-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis security update of go1.24-openssl fixes the following issues:\n\nUpdate to version 1.24.6 cut from the go1.24-fips-release\nbranch at the revision tagged go1.24.6-1-openssl-fips.\nRefs jsc#SLE-18320\n\n* Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil\n salt to be passed as a hash length buffer of zeros.\n\ngo1.24.6 (released 2025-08-06) includes security fixes to the\ndatabase/sql and os/exec packages, as well as bug fixes to the\nruntime. ( boo#1236217 go1.24 release tracking)\n\nCVE-2025-47906 CVE-2025-47907:\n\n* go#74804 go#74466 boo#1247719 security: fix CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of \u0027\u0027, \u0027.\u0027 and \u0027..\u0027 in some PATH configurations\n* go#74833 go#74831 boo#1247720 security: fix CVE-2025-47907 database/sql: incorrect results returned from Rows.Scan\n\n* go#73800 runtime: RSS seems to have increased in Go 1.24 while the runtime accounting has not\n* go#74416 runtime: use-after-free of allpSnapshot in findRunnable\n* go#74694 runtime: segfaults in runtime.(*unwinder).next\n* go#74760 os/user:nolibgcc: TestGroupIdsTestUser failures\n\ngo1.24.5 (released 2025-07-08) includes security fixes to the go\ncommand, as well as bug fixes to the compiler, the linker, the , and\nthe go command. ( boo#1236217 go1.24 release tracking)\nj\nCVE-2025-4674:\n\n* go#74381 go#74380 boo#1246118 security: fix CVE-2025-4674 cmd/go: disable support for multiple vcs in one module\n\n* go#73908 runtime: bad frame pointer during panic during duffcopy\n* go#74098 cmd/compile: regression on ppc64le bit operations\n* go#74113 cmd/go: crash on unknown GOEXPERIMENT during toolchain selection\n* go#74290 runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning\n* go#74294 internal/trace: stress tests triggering suspected deadlock in tracer\n* go#74346 runtime: memlock not unlocked in all control flow paths in sysReserveAlignedSbrk\n* go#74363 runtime/pprof: crash \u0027cannot read stack of running goroutine\u0027 in goroutine profile\n* go#74403 cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN\n\ngo1.24.4 (released 2025-06-05) includes security fixes to the\ncrypto/x509, net/http, and os packages, as well as bug fixes to\nthe linker, the go command, and the hash/maphash and os packages.\n( boo#1236217 go1.24 release tracking)\n\nCVE-2025-22874 CVE-2025-0913 CVE-2025-4673\n* go#73700 go#73702 boo#1244158 security: fix CVE-2025-22874 crypto/x509: ExtKeyUsageAny bypasses policy validation\n* go#73720 go#73612 boo#1244157 security: fix CVE-2025-0913 os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows\n* go#73906 go#73816 boo#1244156 security: fix CVE-2025-4673 net/http: sensitive headers not cleared on cross-origin redirect\n\n* go#73570 os: Root.Mkdir creates directories with zero permissions on OpenBSD\n* go#73669 hash/maphash: hashing channels with purego impl. of maphash.Comparable panics\n* go#73678 runtime/debug: BuildSetting does not document DefaultGODEBUG\n* go#73809 cmd/go: add fips140 module selection mechanism\n* go#73832 cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3158,SUSE-SLE-Module-Development-Tools-15-SP6-2025-3158,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3158,openSUSE-SLE-15.6-2025-3158",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03158-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03158-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503158-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03158-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041648.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236217",
"url": "https://bugzilla.suse.com/1236217"
},
{
"category": "self",
"summary": "SUSE Bug 1244156",
"url": "https://bugzilla.suse.com/1244156"
},
{
"category": "self",
"summary": "SUSE Bug 1244157",
"url": "https://bugzilla.suse.com/1244157"
},
{
"category": "self",
"summary": "SUSE Bug 1244158",
"url": "https://bugzilla.suse.com/1244158"
},
{
"category": "self",
"summary": "SUSE Bug 1246118",
"url": "https://bugzilla.suse.com/1246118"
},
{
"category": "self",
"summary": "SUSE Bug 1247719",
"url": "https://bugzilla.suse.com/1247719"
},
{
"category": "self",
"summary": "SUSE Bug 1247720",
"url": "https://bugzilla.suse.com/1247720"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22874 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4674 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
}
],
"title": "Security update for go1.24-openssl",
"tracking": {
"current_release_date": "2025-09-11T03:04:46Z",
"generator": {
"date": "2025-09-11T03:04:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03158-1",
"initial_release_date": "2025-09-11T03:04:46Z",
"revision_history": [
{
"date": "2025-09-11T03:04:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"product": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"product_id": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"product": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"product_id": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150600.13.9.1.i586",
"product": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.i586",
"product_id": "go1.24-openssl-1.24.6-150600.13.9.1.i586"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.i586",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.i586",
"product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"product": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"product_id": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"product": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"product_id": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"product": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"product_id": "go1.24-openssl-1.24.6-150600.13.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"product": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"product_id": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"product": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"product_id": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"product": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"product_id": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0913"
}
],
"notes": [
{
"category": "general",
"text": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0913",
"url": "https://www.suse.com/security/cve/CVE-2025-0913"
},
{
"category": "external",
"summary": "SUSE Bug 1244157 for CVE-2025-0913",
"url": "https://bugzilla.suse.com/1244157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:04:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-0913"
},
{
"cve": "CVE-2025-22874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22874"
}
],
"notes": [
{
"category": "general",
"text": "Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22874",
"url": "https://www.suse.com/security/cve/CVE-2025-22874"
},
{
"category": "external",
"summary": "SUSE Bug 1244158 for CVE-2025-22874",
"url": "https://bugzilla.suse.com/1244158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:04:46Z",
"details": "important"
}
],
"title": "CVE-2025-22874"
},
{
"cve": "CVE-2025-4673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4673"
}
],
"notes": [
{
"category": "general",
"text": "Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4673",
"url": "https://www.suse.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "SUSE Bug 1244156 for CVE-2025-4673",
"url": "https://bugzilla.suse.com/1244156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:04:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-4673"
},
{
"cve": "CVE-2025-4674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4674"
}
],
"notes": [
{
"category": "general",
"text": "The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. via \"go get\", are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4674",
"url": "https://www.suse.com/security/cve/CVE-2025-4674"
},
{
"category": "external",
"summary": "SUSE Bug 1246118 for CVE-2025-4674",
"url": "https://bugzilla.suse.com/1246118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:04:46Z",
"details": "important"
}
],
"title": "CVE-2025-4674"
},
{
"cve": "CVE-2025-47906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47906"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47906",
"url": "https://www.suse.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "SUSE Bug 1247719 for CVE-2025-47906",
"url": "https://bugzilla.suse.com/1247719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:04:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-47906"
},
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:04:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
}
]
}
suse-su-2025:03159-1
Vulnerability from csaf_suse
Published
2025-09-11 03:05
Modified
2025-09-11 03:05
Summary
Security update for go1.23-openssl
Notes
Title of the patch
Security update for go1.23-openssl
Description of the patch
This update for go1.23-openssl fixes the following issues:
Update to version 1.23.12 cut from the go1.23-fips-release branch at
the revision tagged go1.23.12-1-openssl-fips. ( jsc#SLE-18320)
* Rebase to 1.23.12
* Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil
salt to be passed as a hash length buffer of zeros.
Packaging improvements:
* Update go_bootstrap_version to go1.21 from go1.20 to shorten
the bootstrap chain. go1.21 can optionally be bootstrapped with
gccgo and serve as the inital version of go1.x.
* Refs boo#1247816 bootstrap go1.21 with gccgo
go1.23.12 (released 2025-08-06) includes security fixes to the
database/sql and os/exec packages, as well as bug fixes to the
runtime.
CVE-2025-47906 CVE-2025-47907:
* go#74803 go#74466 boo#1247719 security: fix CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of '', '.' and '..' in some PATH configurations
* go#74832 go#74831 boo#1247720 security: fix CVE-2025-47907 database/sql: incorrect results returned from Rows.Scan
* go#74415 runtime: use-after-free of allpSnapshot in findRunnable
* go#74693 runtime: segfaults in runtime.(*unwinder).next
* go#74721 cmd/go: TestScript/build_trimpath_cgo fails to decode dwarf on release-branch.go1.23
* go#74726 cmd/cgo/internal/testsanitizers: failures with signal: segmentation fault or exit status 66
go1.23.11 (released 2025-07-08) includes security fixes to the go
command, as well as bug fixes to the compiler, the linker, and
the runtime.
CVE-2025-4674:
* go#74382 go#74380 boo#1246118 security: fix CVE-2025-4674 cmd/go: disable support for multiple vcs in one module
* go#73907 runtime: bad frame pointer during panic during duffcopy
* go#74289 runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning
* go#74293 internal/trace: stress tests triggering suspected deadlock in tracer
* go#74362 runtime/pprof: crash 'cannot read stack of running goroutine' in goroutine profile
* go#74402 cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN
go1.23.10 (released 2025-06-05) includes security fixes to the
net/http and os packages, as well as bug fixes to the linker. (boo#1229122 go1.23 release tracking)
CVE-2025-0913 CVE-2025-4673:
* go#73719 go#73612 boo#1244157 security: fix CVE-2025-0913 os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows
* go#73905 go#73816 boo#1244156 security: fix CVE-2025-4673 net/http: sensitive headers not cleared on cross-origin redirect
* go#73677 runtime/debug: BuildSetting does not document DefaultGODEBUG
* go#73831 cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen
go1.23.9 (released 2025-05-06) includes fixes to the runtime and
the linker. (boo#1229122 go1.23 release tracking)
* go#73091 cmd/link: linkname directive on userspace variable can override runtime variable
* go#73380 runtime, x/sys/unix: Connectx is broken on darwin/amd64
go1.23.8 (released 2025-04-01) includes security fixes to the
net/http package, as well as bug fixes to the runtime and the go
command.
CVE-2025-22871:
* go#72010 go#71988 boo#1240550 security: fix CVE-2025-22871 net/http: reject bare LF in chunked encoding
* go#72114 runtime: process hangs for mips hardware
* go#72871 runtime: cgo callback on extra M treated as external code after nested cgo callback returns
* go#72937 internal/godebugs: winsymlink and winreadlinkvolume have incorrect defaults for Go 1.22
go1.23.7 (released 2025-03-04) includes security fixes to the
net/http package, as well as bug fixes to cgo, the compiler, and
the reflect, runtime, and syscall packages.
CVE-2025-22870:
* go#71985 go#71984 boo#1238572 security: fix CVE-2025-22870 net/http, x/net/proxy, x/net/http/httpproxy: proxy bypass using IPv6 zone IDs
* go#71727 runtime: usleep computes wrong tv_nsec on s390x
* go#71839 runtime: recover added in range-over-func loop body doesn't stop panic propagation / segfaults printing error
* go#71848 os: spurious SIGCHILD on running child process
* go#71875 reflect: Value.Seq panicking on functional iterator methods
* go#71915 reflect: Value.Seq iteration value types not matching the type of given int types
* go#71962 runtime/cgo: does not build with -Wdeclaration-after-statement
go1.23.6 (released 2025-02-04) includes security fixes to the
crypto/elliptic package, as well as bug fixes to the compiler and
the go command.
CVE-2025-22866
* go#71423 go#71383 boo#1236801 security: fix CVE-2025-22866 crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le
* go#71263 cmd/go/internal/modfetch/codehost: test fails with git 2.47.1
* go#71230 cmd/compile: broken write barrier
go1.23.5 (released 2025-01-16) includes security fixes to the
crypto/x509 and net/http packages, as well as bug fixes to the
compiler, the runtime, and the net package.
CVE-2024-45341 CVE-2024-45336:
* go#71208 go#71156 boo#1236045 security: fix CVE-2024-45341 crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints
* go#71211 go#70530 boo#1236046 security: fix CVE-2024-45336 net/http: sensitive headers incorrectly sent after cross-domain redirect
* go#69988 runtime: severe performance drop for cgo calls in go1.22.5
* go#70517 cmd/compile/internal/importer: flip enable alias to true
* go#70789 os: io.Copy(net.Conn, os.Stdin) on MacOS terminate immediately without waiting for input
* go#71104 crypto/tls: TestVerifyConnection/TLSv12 failures
* go#71147 internal/trace: TestTraceCPUProfile/Stress failures
go1.23.4 (released 2024-12-03) includes fixes to the compiler,
the runtime, the trace command, and the syscall package.
* go#70644 crypto/rsa: new key generation prohibitively slow under race detector
* go#70645 proposal: go/types: add Scope.Node convenience getter
* go#70646 x/tools/gopls: unimported completion corrupts import decl (client=BBEdit)
* go#70648 crypto/tls: TestHandshakeClientECDHEECDSAAESGCM/TLSv12 failures
* go#70649 x/benchmarks/sweet/cmd/sweet: TestSweetEndToEnd failures
* go#70650 crypto/tls: TestGetClientCertificate/TLSv13 failures
* go#70651 x/tools/go/gcexportdata: simplify implementation assuming go >= 1.21
* go#70654 cmd/go: Incorrect output from go list
* go#70655 x/build/cmd/relui: add workflows for some remaining manual recurring Go major release cycle tasks
* go#70657 proposal: bufio: Scanner.IterText/Scanner.IterBytes
* go#70658 x/net/http2: stuck extended CONNECT requests
* go#70659 os: TestRootDirFS failures on linux-mips64 and linux-mips64le arch-mips
* go#70660 crypto/ecdsa: TestRFC6979 failures on s390x
* go#70664 x/mobile: target maccatalyst cannot find OpenGLES header
* go#70665 x/tools/gopls: refactor.extract.variable fails at package level
* go#70666 x/tools/gopls: panic in GetIfaceStubInfo
* go#70667 proposal: crypto/x509: support extracting X25519 public keys from certificates
* go#70668 proposal: x/mobile: better support for unrecovered panics
* go#70669 cmd/go: local failure in TestScript/build_trimpath_cgo
* go#70670 cmd/link: unused functions aren't getting deadcoded from the binary
* go#70674 x/pkgsite: package removal request for https://pkg.go.dev/github.com/uisdevsquad/go-test/debugmate
* go#70675 cmd/go/internal/lockedfile: mountrpc flake in TestTransform on plan9
* go#70677 all: remote file server I/O flakiness with 'Bad fid' errors on plan9
* go#70678 internal/poll: deadlock on 'Intel(R) Xeon(R) Platinum' when an FD is closed
* go#70679 mime/multipart: With go 1.23.3, mime/multipart does not link
Update to version 1.23.2.3 cut from the go1.23-fips-release
branch at the revision tagged go1.23.2-3-openssl-fips. ( jsc#SLE-18320)
* Add negative tests for openssl (#243)
go1.23.3 (released 2024-11-06) includes fixes to the linker, the runtime, and the net/http, os, and syscall packages.
* go#69258 runtime: corrupted GoroutineProfile stack traces
* go#69259 runtime: multi-arch build via qemu fails to exec go binary
* go#69640 os: os.checkPidfd() crashes with SIGSYS
* go#69746 runtime: TestGdbAutotmpTypes failures
* go#69848 cmd/compile: syscall.Syscall15: nosplit stack over 792 byte limit
* go#69865 runtime: MutexProfile missing root frames in go1.23
* go#69882 time,runtime: too many concurrent timer firings for short time.Ticker
* go#69978 time,runtime: too many concurrent timer firings for short, fast-resetting time.Timer
* go#69992 cmd/link: LC_UUID not generated by go linker, resulting in failure to access local network on macOS 15
* go#70001 net/http/pprof: coroutines + pprof makes the program panic
* go#70020 net/http: short writes with FileServer on macos
Patchnames
SUSE-2025-3159,SUSE-SLE-Module-Development-Tools-15-SP6-2025-3159,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3159,openSUSE-SLE-15.6-2025-3159
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.23-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for go1.23-openssl fixes the following issues:\n\nUpdate to version 1.23.12 cut from the go1.23-fips-release branch at\nthe revision tagged go1.23.12-1-openssl-fips. ( jsc#SLE-18320)\n\n * Rebase to 1.23.12\n * Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil\n salt to be passed as a hash length buffer of zeros.\n\nPackaging improvements:\n\n * Update go_bootstrap_version to go1.21 from go1.20 to shorten\n the bootstrap chain. go1.21 can optionally be bootstrapped with\n gccgo and serve as the inital version of go1.x.\n * Refs boo#1247816 bootstrap go1.21 with gccgo\n\ngo1.23.12 (released 2025-08-06) includes security fixes to the\ndatabase/sql and os/exec packages, as well as bug fixes to the\nruntime.\n\nCVE-2025-47906 CVE-2025-47907:\n * go#74803 go#74466 boo#1247719 security: fix CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of \u0027\u0027, \u0027.\u0027 and \u0027..\u0027 in some PATH configurations\n * go#74832 go#74831 boo#1247720 security: fix CVE-2025-47907 database/sql: incorrect results returned from Rows.Scan\n\n * go#74415 runtime: use-after-free of allpSnapshot in findRunnable\n * go#74693 runtime: segfaults in runtime.(*unwinder).next\n * go#74721 cmd/go: TestScript/build_trimpath_cgo fails to decode dwarf on release-branch.go1.23\n * go#74726 cmd/cgo/internal/testsanitizers: failures with signal: segmentation fault or exit status 66\n\ngo1.23.11 (released 2025-07-08) includes security fixes to the go\ncommand, as well as bug fixes to the compiler, the linker, and\nthe runtime.\n\nCVE-2025-4674:\n * go#74382 go#74380 boo#1246118 security: fix CVE-2025-4674 cmd/go: disable support for multiple vcs in one module\n\n * go#73907 runtime: bad frame pointer during panic during duffcopy\n * go#74289 runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning\n * go#74293 internal/trace: stress tests triggering suspected deadlock in tracer\n * go#74362 runtime/pprof: crash \u0027cannot read stack of running goroutine\u0027 in goroutine profile\n * go#74402 cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN\n\ngo1.23.10 (released 2025-06-05) includes security fixes to the\nnet/http and os packages, as well as bug fixes to the linker. (boo#1229122 go1.23 release tracking)\n\nCVE-2025-0913 CVE-2025-4673:\n * go#73719 go#73612 boo#1244157 security: fix CVE-2025-0913 os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows\n * go#73905 go#73816 boo#1244156 security: fix CVE-2025-4673 net/http: sensitive headers not cleared on cross-origin redirect\n\n * go#73677 runtime/debug: BuildSetting does not document DefaultGODEBUG\n * go#73831 cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen\n\ngo1.23.9 (released 2025-05-06) includes fixes to the runtime and\nthe linker. (boo#1229122 go1.23 release tracking)\n\n * go#73091 cmd/link: linkname directive on userspace variable can override runtime variable\n * go#73380 runtime, x/sys/unix: Connectx is broken on darwin/amd64\n\ngo1.23.8 (released 2025-04-01) includes security fixes to the\nnet/http package, as well as bug fixes to the runtime and the go\ncommand.\n\n CVE-2025-22871:\n * go#72010 go#71988 boo#1240550 security: fix CVE-2025-22871 net/http: reject bare LF in chunked encoding\n\n * go#72114 runtime: process hangs for mips hardware\n * go#72871 runtime: cgo callback on extra M treated as external code after nested cgo callback returns\n * go#72937 internal/godebugs: winsymlink and winreadlinkvolume have incorrect defaults for Go 1.22\n\ngo1.23.7 (released 2025-03-04) includes security fixes to the\nnet/http package, as well as bug fixes to cgo, the compiler, and\nthe reflect, runtime, and syscall packages.\n\n CVE-2025-22870:\n * go#71985 go#71984 boo#1238572 security: fix CVE-2025-22870 net/http, x/net/proxy, x/net/http/httpproxy: proxy bypass using IPv6 zone IDs\n\n * go#71727 runtime: usleep computes wrong tv_nsec on s390x\n * go#71839 runtime: recover added in range-over-func loop body doesn\u0027t stop panic propagation / segfaults printing error\n * go#71848 os: spurious SIGCHILD on running child process\n * go#71875 reflect: Value.Seq panicking on functional iterator methods\n * go#71915 reflect: Value.Seq iteration value types not matching the type of given int types\n * go#71962 runtime/cgo: does not build with -Wdeclaration-after-statement\n\ngo1.23.6 (released 2025-02-04) includes security fixes to the\ncrypto/elliptic package, as well as bug fixes to the compiler and\nthe go command.\n\n CVE-2025-22866\n * go#71423 go#71383 boo#1236801 security: fix CVE-2025-22866 crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le\n\n * go#71263 cmd/go/internal/modfetch/codehost: test fails with git 2.47.1\n * go#71230 cmd/compile: broken write barrier\n\ngo1.23.5 (released 2025-01-16) includes security fixes to the\ncrypto/x509 and net/http packages, as well as bug fixes to the\ncompiler, the runtime, and the net package.\n\n CVE-2024-45341 CVE-2024-45336:\n * go#71208 go#71156 boo#1236045 security: fix CVE-2024-45341 crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints\n * go#71211 go#70530 boo#1236046 security: fix CVE-2024-45336 net/http: sensitive headers incorrectly sent after cross-domain redirect\n\n * go#69988 runtime: severe performance drop for cgo calls in go1.22.5\n * go#70517 cmd/compile/internal/importer: flip enable alias to true\n * go#70789 os: io.Copy(net.Conn, os.Stdin) on MacOS terminate immediately without waiting for input\n * go#71104 crypto/tls: TestVerifyConnection/TLSv12 failures\n * go#71147 internal/trace: TestTraceCPUProfile/Stress failures\n\ngo1.23.4 (released 2024-12-03) includes fixes to the compiler,\nthe runtime, the trace command, and the syscall package.\n\n * go#70644 crypto/rsa: new key generation prohibitively slow under race detector\n * go#70645 proposal: go/types: add Scope.Node convenience getter\n * go#70646 x/tools/gopls: unimported completion corrupts import decl (client=BBEdit)\n * go#70648 crypto/tls: TestHandshakeClientECDHEECDSAAESGCM/TLSv12 failures\n * go#70649 x/benchmarks/sweet/cmd/sweet: TestSweetEndToEnd failures\n * go#70650 crypto/tls: TestGetClientCertificate/TLSv13 failures\n * go#70651 x/tools/go/gcexportdata: simplify implementation assuming go \u003e= 1.21\n * go#70654 cmd/go: Incorrect output from go list\n * go#70655 x/build/cmd/relui: add workflows for some remaining manual recurring Go major release cycle tasks\n * go#70657 proposal: bufio: Scanner.IterText/Scanner.IterBytes\n * go#70658 x/net/http2: stuck extended CONNECT requests\n * go#70659 os: TestRootDirFS failures on linux-mips64 and linux-mips64le arch-mips\n * go#70660 crypto/ecdsa: TestRFC6979 failures on s390x\n * go#70664 x/mobile: target maccatalyst cannot find OpenGLES header\n * go#70665 x/tools/gopls: refactor.extract.variable fails at package level\n * go#70666 x/tools/gopls: panic in GetIfaceStubInfo\n * go#70667 proposal: crypto/x509: support extracting X25519 public keys from certificates\n * go#70668 proposal: x/mobile: better support for unrecovered panics\n * go#70669 cmd/go: local failure in TestScript/build_trimpath_cgo\n * go#70670 cmd/link: unused functions aren\u0027t getting deadcoded from the binary\n * go#70674 x/pkgsite: package removal request for https://pkg.go.dev/github.com/uisdevsquad/go-test/debugmate\n * go#70675 cmd/go/internal/lockedfile: mountrpc flake in TestTransform on plan9\n * go#70677 all: remote file server I/O flakiness with \u0027Bad fid\u0027 errors on plan9\n * go#70678 internal/poll: deadlock on \u0027Intel(R) Xeon(R) Platinum\u0027 when an FD is closed\n * go#70679 mime/multipart: With go 1.23.3, mime/multipart does not link\n\nUpdate to version 1.23.2.3 cut from the go1.23-fips-release\nbranch at the revision tagged go1.23.2-3-openssl-fips. ( jsc#SLE-18320)\n\n* Add negative tests for openssl (#243)\n\ngo1.23.3 (released 2024-11-06) includes fixes to the linker, the runtime, and the net/http, os, and syscall packages.\n\n * go#69258 runtime: corrupted GoroutineProfile stack traces\n * go#69259 runtime: multi-arch build via qemu fails to exec go binary\n * go#69640 os: os.checkPidfd() crashes with SIGSYS\n * go#69746 runtime: TestGdbAutotmpTypes failures\n * go#69848 cmd/compile: syscall.Syscall15: nosplit stack over 792 byte limit\n * go#69865 runtime: MutexProfile missing root frames in go1.23\n * go#69882 time,runtime: too many concurrent timer firings for short time.Ticker\n * go#69978 time,runtime: too many concurrent timer firings for short, fast-resetting time.Timer\n * go#69992 cmd/link: LC_UUID not generated by go linker, resulting in failure to access local network on macOS 15\n * go#70001 net/http/pprof: coroutines + pprof makes the program panic\n * go#70020 net/http: short writes with FileServer on macos\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3159,SUSE-SLE-Module-Development-Tools-15-SP6-2025-3159,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3159,openSUSE-SLE-15.6-2025-3159",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03159-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03159-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503159-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03159-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041646.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229122",
"url": "https://bugzilla.suse.com/1229122"
},
{
"category": "self",
"summary": "SUSE Bug 1236045",
"url": "https://bugzilla.suse.com/1236045"
},
{
"category": "self",
"summary": "SUSE Bug 1236046",
"url": "https://bugzilla.suse.com/1236046"
},
{
"category": "self",
"summary": "SUSE Bug 1236801",
"url": "https://bugzilla.suse.com/1236801"
},
{
"category": "self",
"summary": "SUSE Bug 1238572",
"url": "https://bugzilla.suse.com/1238572"
},
{
"category": "self",
"summary": "SUSE Bug 1240550",
"url": "https://bugzilla.suse.com/1240550"
},
{
"category": "self",
"summary": "SUSE Bug 1244156",
"url": "https://bugzilla.suse.com/1244156"
},
{
"category": "self",
"summary": "SUSE Bug 1244157",
"url": "https://bugzilla.suse.com/1244157"
},
{
"category": "self",
"summary": "SUSE Bug 1246118",
"url": "https://bugzilla.suse.com/1246118"
},
{
"category": "self",
"summary": "SUSE Bug 1247719",
"url": "https://bugzilla.suse.com/1247719"
},
{
"category": "self",
"summary": "SUSE Bug 1247720",
"url": "https://bugzilla.suse.com/1247720"
},
{
"category": "self",
"summary": "SUSE Bug 1247816",
"url": "https://bugzilla.suse.com/1247816"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45336 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45336/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45341 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4674 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
}
],
"title": "Security update for go1.23-openssl",
"tracking": {
"current_release_date": "2025-09-11T03:05:02Z",
"generator": {
"date": "2025-09-11T03:05:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03159-1",
"initial_release_date": "2025-09-11T03:05:02Z",
"revision_history": [
{
"date": "2025-09-11T03:05:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"product": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"product_id": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"product_id": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"product": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"product_id": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150600.13.9.1.i586",
"product": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.i586",
"product_id": "go1.23-openssl-1.23.12-150600.13.9.1.i586"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.i586",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.i586",
"product_id": "go1.23-openssl-doc-1.23.12-150600.13.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"product": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"product_id": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"product_id": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"product": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"product_id": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"product": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"product_id": "go1.23-openssl-1.23.12-150600.13.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"product_id": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"product": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"product_id": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"product": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"product_id": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"product_id": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"product": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"product_id": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45336",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45336"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45336",
"url": "https://www.suse.com/security/cve/CVE-2024-45336"
},
{
"category": "external",
"summary": "SUSE Bug 1236045 for CVE-2024-45336",
"url": "https://bugzilla.suse.com/1236045"
},
{
"category": "external",
"summary": "SUSE Bug 1236046 for CVE-2024-45336",
"url": "https://bugzilla.suse.com/1236046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-45336"
},
{
"cve": "CVE-2024-45341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45341"
}
],
"notes": [
{
"category": "general",
"text": "A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45341",
"url": "https://www.suse.com/security/cve/CVE-2024-45341"
},
{
"category": "external",
"summary": "SUSE Bug 1236045 for CVE-2024-45341",
"url": "https://bugzilla.suse.com/1236045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-45341"
},
{
"cve": "CVE-2025-0913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0913"
}
],
"notes": [
{
"category": "general",
"text": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0913",
"url": "https://www.suse.com/security/cve/CVE-2025-0913"
},
{
"category": "external",
"summary": "SUSE Bug 1244157 for CVE-2025-0913",
"url": "https://bugzilla.suse.com/1244157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-0913"
},
{
"cve": "CVE-2025-22866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22866"
}
],
"notes": [
{
"category": "general",
"text": "Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22866",
"url": "https://www.suse.com/security/cve/CVE-2025-22866"
},
{
"category": "external",
"summary": "SUSE Bug 1236801 for CVE-2025-22866",
"url": "https://bugzilla.suse.com/1236801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22866"
},
{
"cve": "CVE-2025-22870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22870"
}
],
"notes": [
{
"category": "general",
"text": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22870",
"url": "https://www.suse.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "SUSE Bug 1238572 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238572"
},
{
"category": "external",
"summary": "SUSE Bug 1238611 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22870"
},
{
"cve": "CVE-2025-22871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22871"
}
],
"notes": [
{
"category": "general",
"text": "The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22871",
"url": "https://www.suse.com/security/cve/CVE-2025-22871"
},
{
"category": "external",
"summary": "SUSE Bug 1240550 for CVE-2025-22871",
"url": "https://bugzilla.suse.com/1240550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22871"
},
{
"cve": "CVE-2025-4673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4673"
}
],
"notes": [
{
"category": "general",
"text": "Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4673",
"url": "https://www.suse.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "SUSE Bug 1244156 for CVE-2025-4673",
"url": "https://bugzilla.suse.com/1244156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-4673"
},
{
"cve": "CVE-2025-4674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4674"
}
],
"notes": [
{
"category": "general",
"text": "The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. via \"go get\", are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4674",
"url": "https://www.suse.com/security/cve/CVE-2025-4674"
},
{
"category": "external",
"summary": "SUSE Bug 1246118 for CVE-2025-4674",
"url": "https://bugzilla.suse.com/1246118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "important"
}
],
"title": "CVE-2025-4674"
},
{
"cve": "CVE-2025-47906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47906"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47906",
"url": "https://www.suse.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "SUSE Bug 1247719 for CVE-2025-47906",
"url": "https://bugzilla.suse.com/1247719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-47906"
},
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
}
]
}
wid-sec-w-2025-1205
Vulnerability from csaf_certbund
Published
2025-06-01 22:00
Modified
2025-08-14 22:00
Summary
Golang Go: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Go ist eine quelloffene Programmiersprache.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder weitere nicht spezifizierte Auswirkungen zu erziehlen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Go ist eine quelloffene Programmiersprache.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder weitere nicht spezifizierte Auswirkungen zu erziehlen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1205 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1205.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1205 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1205"
},
{
"category": "external",
"summary": "Go 1.24.4 and Go 1.23.10 pre-announcement vom 2025-06-01",
"url": "https://groups.google.com/g/Golang-Nuts/c/T9FCA0Vz5DU"
},
{
"category": "external",
"summary": "Golang GitHub vom 2025-06-01",
"url": "https://github.com/golang/go/commit/adcad7bea9f6933a219c7b05d8173cf8a4586092"
},
{
"category": "external",
"summary": "Golang GitHub vom 2025-06-01",
"url": "https://github.com/golang/go/commit/9bba799955e68972041c4f340ee4ea2d267e5c0e"
},
{
"category": "external",
"summary": "Golang GitHub vom 2025-06-01",
"url": "https://github.com/golang/go/issues/73816"
},
{
"category": "external",
"summary": "Golang Announce",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A/m/XDxq7uidAgAJ"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01848-1 vom 2025-06-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021439.html"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202506-4 vom 2025-06-07",
"url": "https://security.archlinux.org/ASA-202506-4"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01846-1 vom 2025-06-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021440.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7574-1 vom 2025-06-19",
"url": "https://ubuntu.com/security/notices/USN-7574-1"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2900 vom 2025-06-24",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2900.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02120-1 vom 2025-06-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021667.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2900 vom 2025-06-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2900.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10676 vom 2025-07-09",
"url": "https://access.redhat.com/errata/RHSA-2025:10676"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10672 vom 2025-07-09",
"url": "https://access.redhat.com/errata/RHSA-2025:10672"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10677 vom 2025-07-09",
"url": "https://access.redhat.com/errata/RHSA-2025:10677"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10676 vom 2025-07-09",
"url": "https://linux.oracle.com/errata/ELSA-2025-10676.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10735 vom 2025-07-09",
"url": "https://access.redhat.com/errata/RHSA-2025:10735"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2922 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2922.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-073 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-073.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-075 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-075.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-072 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-072.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-074 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-074.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2921 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2921.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-067 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-067.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-069 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-069.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-070 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-070.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-071 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-071.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-066 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-066.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10677 vom 2025-07-10",
"url": "https://linux.oracle.com/errata/ELSA-2025-10677.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-068 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-068.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10672 vom 2025-07-16",
"url": "https://linux.oracle.com/errata/ELSA-2025-10672.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15379-1 vom 2025-07-25",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OXBEI4HV3ZI5QUREZ6X2EFASXDURBHCX/"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-072 vom 2025-07-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-072.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-074 vom 2025-07-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-074.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-073 vom 2025-07-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-073.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-071 vom 2025-07-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-071.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241536 vom 2025-08-06",
"url": "https://www.ibm.com/support/pages/node/7241536"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13931 vom 2025-08-15",
"url": "https://access.redhat.com/errata/RHSA-2025:13931"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13932 vom 2025-08-15",
"url": "https://access.redhat.com/errata/RHSA-2025:13932"
}
],
"source_lang": "en-US",
"title": "Golang Go: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-08-14T22:00:00.000+00:00",
"generator": {
"date": "2025-08-15T07:22:13.177+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1205",
"initial_release_date": "2025-06-01T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-06-01T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-06-05T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-06-09T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE und Arch Linux aufgenommen"
},
{
"date": "2025-06-11T22:00:00.000+00:00",
"number": "4",
"summary": "Referenz(en) aufgenommen: GO-2025-3750, GO-2025-3749, GO-2025-3751"
},
{
"date": "2025-06-19T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-06-26T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-30T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-07-08T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-09T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-10T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Amazon und Oracle Linux aufgenommen"
},
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-27T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-07-30T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-08-06T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-08-14T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "16"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Golang Go",
"product": {
"name": "Golang Go",
"product_id": "T029035",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.24.4",
"product": {
"name": "Golang Go \u003c1.24.4",
"product_id": "T044243"
}
},
{
"category": "product_version",
"name": "1.24.4",
"product": {
"name": "Golang Go 1.24.4",
"product_id": "T044243-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.24.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.23.10",
"product": {
"name": "Golang Go \u003c1.23.10",
"product_id": "T044244"
}
},
{
"category": "product_version",
"name": "1.23.10",
"product": {
"name": "Golang Go 1.23.10",
"product_id": "T044244-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.23.10"
}
}
}
],
"category": "product_name",
"name": "Go"
}
],
"category": "vendor",
"name": "Golang"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.14.0",
"product": {
"name": "IBM App Connect Enterprise \u003c12.14.0",
"product_id": "T045927"
}
},
{
"category": "product_version",
"name": "12.14.0",
"product": {
"name": "IBM App Connect Enterprise 12.14.0",
"product_id": "T045927-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:12.14.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003cLTS 12.0.14",
"product": {
"name": "IBM App Connect Enterprise \u003cLTS 12.0.14",
"product_id": "T045928"
}
},
{
"category": "product_version",
"name": "LTS 12.0.14",
"product": {
"name": "IBM App Connect Enterprise LTS 12.0.14",
"product_id": "T045928-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:lts_12.0.14"
}
}
}
],
"category": "product_name",
"name": "App Connect Enterprise"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Arch Linux",
"product": {
"name": "Open Source Arch Linux",
"product_id": "T013312",
"product_identification_helper": {
"cpe": "cpe:/o:archlinux:archlinux:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Builds 1.5.1",
"product": {
"name": "Red Hat OpenShift Builds 1.5.1",
"product_id": "T046264",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:builds_1.5.1"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0913",
"product_status": {
"known_affected": [
"T029035",
"67646",
"T013312",
"T045927",
"T045928",
"T004914",
"T002207",
"T000126",
"T027843",
"T046264",
"398363",
"T044243",
"T044244"
]
},
"release_date": "2025-06-01T22:00:00.000+00:00",
"title": "CVE-2025-0913"
},
{
"cve": "CVE-2025-22874",
"product_status": {
"known_affected": [
"T029035",
"67646",
"T013312",
"T045927",
"T045928",
"T004914",
"T002207",
"T000126",
"T027843",
"T046264",
"398363",
"T044243",
"T044244"
]
},
"release_date": "2025-06-01T22:00:00.000+00:00",
"title": "CVE-2025-22874"
},
{
"cve": "CVE-2025-4673",
"product_status": {
"known_affected": [
"T029035",
"67646",
"T013312",
"T045927",
"T045928",
"T004914",
"T002207",
"T000126",
"T027843",
"T046264",
"398363",
"T044243",
"T044244"
]
},
"release_date": "2025-06-01T22:00:00.000+00:00",
"title": "CVE-2025-4673"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…