Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-47907 (GCVE-0-2025-47907)
Vulnerability from cvelistv5
Published
2025-08-07 15:25
Modified
2025-08-07 15:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | database/sql |
Version: 0 ≤ Version: 1.24.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-47907",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-07T15:45:26.297503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-07T15:48:03.634Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "database/sql",
"product": "database/sql",
"programRoutines": [
{
"name": "Rows.Scan"
},
{
"name": "Row.Scan"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.23.12",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.24.6",
"status": "affected",
"version": "1.24.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Spike Curtis from Coder"
}
],
"descriptions": [
{
"lang": "en",
"value": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-07T15:25:30.704Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/693735"
},
{
"url": "https://go.dev/issue/74831"
},
{
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"title": "Incorrect results returned from Rows.Scan in database/sql"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-47907",
"datePublished": "2025-08-07T15:25:30.704Z",
"dateReserved": "2025-05-13T23:31:29.597Z",
"dateUpdated": "2025-08-07T15:48:03.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-47907\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-08-07T16:15:30.357\",\"lastModified\":\"2025-08-07T21:26:37.453\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":4.7}]},\"references\":[{\"url\":\"https://go.dev/cl/693735\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/74831\",\"source\":\"security@golang.org\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/x5MKroML2yM\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-3849\",\"source\":\"security@golang.org\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-47907\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-07T15:45:26.297503Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-07T15:47:25.067Z\"}}], \"cna\": {\"title\": \"Incorrect results returned from Rows.Scan in database/sql\", \"credits\": [{\"lang\": \"en\", \"value\": \"Spike Curtis from Coder\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"database/sql\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.23.12\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.24.0\", \"lessThan\": \"1.24.6\", \"versionType\": \"semver\"}], \"packageName\": \"database/sql\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Rows.Scan\"}, {\"name\": \"Row.Scan\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/693735\"}, {\"url\": \"https://go.dev/issue/74831\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/x5MKroML2yM\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2025-3849\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2025-08-07T15:25:30.704Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-47907\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-07T15:48:03.634Z\", \"dateReserved\": \"2025-05-13T23:31:29.597Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2025-08-07T15:25:30.704Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
rhsa-2025:13941
Vulnerability from csaf_redhat
Published
2025-08-18 00:42
Modified
2025-10-24 13:35
Summary
Red Hat Security Advisory: golang security update
Notes
Topic
An update for golang is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The golang packages provide the Go programming language compiler.
Security Fix(es):
* cmd/go: Go VCS Command Execution Vulnerability (CVE-2025-4674)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* cmd/go: Go VCS Command Execution Vulnerability (CVE-2025-4674)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:13941",
"url": "https://access.redhat.com/errata/RHSA-2025:13941"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2384329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2384329"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_13941.json"
}
],
"title": "Red Hat Security Advisory: golang security update",
"tracking": {
"current_release_date": "2025-10-24T13:35:23+00:00",
"generator": {
"date": "2025-10-24T13:35:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:13941",
"initial_release_date": "2025-08-18T00:42:23+00:00",
"revision_history": [
{
"date": "2025-08-18T00:42:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-08-18T00:42:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-24T13:35:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.6-1.el10_0.aarch64",
"product": {
"name": "go-toolset-0:1.24.6-1.el10_0.aarch64",
"product_id": "go-toolset-0:1.24.6-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.6-1.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.6-1.el10_0.aarch64",
"product": {
"name": "golang-0:1.24.6-1.el10_0.aarch64",
"product_id": "golang-0:1.24.6-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.6-1.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.6-1.el10_0.aarch64",
"product": {
"name": "golang-bin-0:1.24.6-1.el10_0.aarch64",
"product_id": "golang-bin-0:1.24.6-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.6-1.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.6-1.el10_0.aarch64",
"product": {
"name": "golang-race-0:1.24.6-1.el10_0.aarch64",
"product_id": "golang-race-0:1.24.6-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.6-1.el10_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.6-1.el10_0.ppc64le",
"product": {
"name": "go-toolset-0:1.24.6-1.el10_0.ppc64le",
"product_id": "go-toolset-0:1.24.6-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.6-1.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.6-1.el10_0.ppc64le",
"product": {
"name": "golang-0:1.24.6-1.el10_0.ppc64le",
"product_id": "golang-0:1.24.6-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.6-1.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.6-1.el10_0.ppc64le",
"product": {
"name": "golang-bin-0:1.24.6-1.el10_0.ppc64le",
"product_id": "golang-bin-0:1.24.6-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.6-1.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.6-1.el10_0.ppc64le",
"product": {
"name": "golang-race-0:1.24.6-1.el10_0.ppc64le",
"product_id": "golang-race-0:1.24.6-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.6-1.el10_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.6-1.el10_0.x86_64",
"product": {
"name": "go-toolset-0:1.24.6-1.el10_0.x86_64",
"product_id": "go-toolset-0:1.24.6-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.6-1.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.6-1.el10_0.x86_64",
"product": {
"name": "golang-0:1.24.6-1.el10_0.x86_64",
"product_id": "golang-0:1.24.6-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.6-1.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.6-1.el10_0.x86_64",
"product": {
"name": "golang-bin-0:1.24.6-1.el10_0.x86_64",
"product_id": "golang-bin-0:1.24.6-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.6-1.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.6-1.el10_0.x86_64",
"product": {
"name": "golang-race-0:1.24.6-1.el10_0.x86_64",
"product_id": "golang-race-0:1.24.6-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.6-1.el10_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.6-1.el10_0.s390x",
"product": {
"name": "go-toolset-0:1.24.6-1.el10_0.s390x",
"product_id": "go-toolset-0:1.24.6-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.6-1.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.6-1.el10_0.s390x",
"product": {
"name": "golang-0:1.24.6-1.el10_0.s390x",
"product_id": "golang-0:1.24.6-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.6-1.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.6-1.el10_0.s390x",
"product": {
"name": "golang-bin-0:1.24.6-1.el10_0.s390x",
"product_id": "golang-bin-0:1.24.6-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.6-1.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.6-1.el10_0.s390x",
"product": {
"name": "golang-race-0:1.24.6-1.el10_0.s390x",
"product_id": "golang-race-0:1.24.6-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.6-1.el10_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.24.6-1.el10_0.src",
"product": {
"name": "golang-0:1.24.6-1.el10_0.src",
"product_id": "golang-0:1.24.6-1.el10_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.6-1.el10_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.24.6-1.el10_0.noarch",
"product": {
"name": "golang-docs-0:1.24.6-1.el10_0.noarch",
"product_id": "golang-docs-0:1.24.6-1.el10_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.24.6-1.el10_0?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.24.6-1.el10_0.noarch",
"product": {
"name": "golang-misc-0:1.24.6-1.el10_0.noarch",
"product_id": "golang-misc-0:1.24.6-1.el10_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.24.6-1.el10_0?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.24.6-1.el10_0.noarch",
"product": {
"name": "golang-src-0:1.24.6-1.el10_0.noarch",
"product_id": "golang-src-0:1.24.6-1.el10_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.24.6-1.el10_0?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.24.6-1.el10_0.noarch",
"product": {
"name": "golang-tests-0:1.24.6-1.el10_0.noarch",
"product_id": "golang-tests-0:1.24.6-1.el10_0.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.24.6-1.el10_0?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.6-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.aarch64"
},
"product_reference": "go-toolset-0:1.24.6-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.6-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.ppc64le"
},
"product_reference": "go-toolset-0:1.24.6-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.6-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.s390x"
},
"product_reference": "go-toolset-0:1.24.6-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.6-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.x86_64"
},
"product_reference": "go-toolset-0:1.24.6-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.6-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.aarch64"
},
"product_reference": "golang-0:1.24.6-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.6-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.ppc64le"
},
"product_reference": "golang-0:1.24.6-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.6-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.s390x"
},
"product_reference": "golang-0:1.24.6-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.6-1.el10_0.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.src"
},
"product_reference": "golang-0:1.24.6-1.el10_0.src",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.6-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.x86_64"
},
"product_reference": "golang-0:1.24.6-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.6-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.aarch64"
},
"product_reference": "golang-bin-0:1.24.6-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.6-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.ppc64le"
},
"product_reference": "golang-bin-0:1.24.6-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.6-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.s390x"
},
"product_reference": "golang-bin-0:1.24.6-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.6-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.x86_64"
},
"product_reference": "golang-bin-0:1.24.6-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.24.6-1.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-docs-0:1.24.6-1.el10_0.noarch"
},
"product_reference": "golang-docs-0:1.24.6-1.el10_0.noarch",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.24.6-1.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-misc-0:1.24.6-1.el10_0.noarch"
},
"product_reference": "golang-misc-0:1.24.6-1.el10_0.noarch",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.6-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.aarch64"
},
"product_reference": "golang-race-0:1.24.6-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.6-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.ppc64le"
},
"product_reference": "golang-race-0:1.24.6-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.6-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.s390x"
},
"product_reference": "golang-race-0:1.24.6-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.6-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.x86_64"
},
"product_reference": "golang-race-0:1.24.6-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.24.6-1.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-src-0:1.24.6-1.el10_0.noarch"
},
"product_reference": "golang-src-0:1.24.6-1.el10_0.noarch",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.24.6-1.el10_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:golang-tests-0:1.24.6-1.el10_0.noarch"
},
"product_reference": "golang-tests-0:1.24.6-1.el10_0.noarch",
"relates_to_product_reference": "AppStream-10.0.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4674",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2025-07-29T22:00:54.774680+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2384329"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in cmd/go. The `go` command can execute arbitrary commands when processing untrusted version control system (VCS) repositories containing malicious configuration. This issue occurs because the command interprets VCS metadata, potentially leading to unintended command execution. This vulnerability allows a malicious actor to trigger this by providing a repository with a crafted VCS configuration, resulting in arbitrary code execution within the context of the `go` process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/go: Go VCS Command Execution Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is Important rather than Moderate because it enables arbitrary command execution at the tooling level before any code is built or reviewed, effectively compromising the software supply chain at its earliest stage. Unlike flaws that require user interaction with the code itself, this issue is triggered simply by running go operations on a malicious repository\u2014an action routinely performed by developers and automated build systems. The problem lies in cmd/go\u2019s unsafe interpretation of cross-VCS metadata, allowing an attacker to inject commands that execute with the privileges of the go process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.6-1.el10_0.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4674"
},
{
"category": "external",
"summary": "RHBZ#2384329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2384329"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4674"
},
{
"category": "external",
"summary": "https://go.dev/cl/686515",
"url": "https://go.dev/cl/686515"
},
{
"category": "external",
"summary": "https://go.dev/issue/74380",
"url": "https://go.dev/issue/74380"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/gTNJnDXmn34",
"url": "https://groups.google.com/g/golang-announce/c/gTNJnDXmn34"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3828",
"url": "https://pkg.go.dev/vuln/GO-2025-3828"
}
],
"release_date": "2025-07-29T21:19:08.519000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-18T00:42:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.6-1.el10_0.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.6-1.el10_0.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.6-1.el10_0.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/go: Go VCS Command Execution Vulnerability"
},
{
"cve": "CVE-2025-47906",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-18T19:00:47.541046+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396546"
}
],
"notes": [
{
"category": "description",
"text": "If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "os/exec: Unexpected paths returned from LookPath in os/exec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.6-1.el10_0.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "RHBZ#2396546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://go.dev/cl/691775",
"url": "https://go.dev/cl/691775"
},
{
"category": "external",
"summary": "https://go.dev/issue/74466",
"url": "https://go.dev/issue/74466"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3956",
"url": "https://pkg.go.dev/vuln/GO-2025-3956"
}
],
"release_date": "2025-09-18T18:41:11.847000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-18T00:42:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.6-1.el10_0.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.6-1.el10_0.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.6-1.el10_0.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "os/exec: Unexpected paths returned from LookPath in os/exec"
},
{
"cve": "CVE-2025-47907",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-08-07T16:01:06.247481+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387083"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "database/sql: Postgres Scan Race Condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Moderate severity issues rather than Important. The os/exec LookPath flaw requires a misconfigured PATH to be exploitable, and the database/sql race condition primarily impacts applications that cancel queries while running multiple queries concurrently. Both can cause unexpected behavior, but the exploitation scope is limited and unlikely to result in direct compromise in most typical deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.6-1.el10_0.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "RHBZ#2387083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://go.dev/cl/693735",
"url": "https://go.dev/cl/693735"
},
{
"category": "external",
"summary": "https://go.dev/issue/74831",
"url": "https://go.dev/issue/74831"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3849",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"release_date": "2025-08-07T15:25:30.704000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-18T00:42:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.6-1.el10_0.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13941"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:go-toolset-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.src",
"AppStream-10.0.Z:golang-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-bin-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-docs-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-misc-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.aarch64",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.ppc64le",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.s390x",
"AppStream-10.0.Z:golang-race-0:1.24.6-1.el10_0.x86_64",
"AppStream-10.0.Z:golang-src-0:1.24.6-1.el10_0.noarch",
"AppStream-10.0.Z:golang-tests-0:1.24.6-1.el10_0.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "database/sql: Postgres Scan Race Condition"
}
]
}
rhsa-2025:17731
Vulnerability from csaf_redhat
Published
2025-10-09 18:48
Modified
2025-10-24 13:35
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps v1.17.2 security update
Notes
Topic
Important: Red Hat OpenShift GitOps v1.17.2 security update
Details
An update is now available for Red Hat OpenShift GitOps.
Bug Fix(es) and Enhancement(s):
* GITOPS-7180: Redis HA Proxy pod fails to start with Security Context error
* GITOPS-7331: operator controller logs error when console link is disabled
* GITOPS-7461: Redis container fails with "runAsNonRoot and image will run as root" after upgrade to argocd-operator 0.14.1
* GITOPS-7564: OpenShift GitOps v1.17 must-gather images produce an empty must-gather
* GITOPS-7606: ApplicationSet: Bitbucket SCM/PR generator leaks HTTP connections
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Important: Red Hat OpenShift GitOps v1.17.2 security update",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for Red Hat OpenShift GitOps.\nBug Fix(es) and Enhancement(s):\n* GITOPS-7180: Redis HA Proxy pod fails to start with Security Context error\n* GITOPS-7331: operator controller logs error when console link is disabled\n* GITOPS-7461: Redis container fails with \"runAsNonRoot and image will run as root\" after upgrade to argocd-operator 0.14.1\n* GITOPS-7564: OpenShift GitOps v1.17 must-gather images produce an empty must-gather\n* GITOPS-7606: ApplicationSet: Bitbucket SCM/PR generator leaks HTTP connections",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:17731",
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22874",
"url": "https://access.redhat.com/security/cve/CVE-2025-22874"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47907",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59531",
"url": "https://access.redhat.com/security/cve/CVE-2025-59531"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59537",
"url": "https://access.redhat.com/security/cve/CVE-2025-59537"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59538",
"url": "https://access.redhat.com/security/cve/CVE-2025-59538"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.17/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.17/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17731.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps v1.17.2 security update",
"tracking": {
"current_release_date": "2025-10-24T13:35:28+00:00",
"generator": {
"date": "2025-10-24T13:35:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:17731",
"initial_release_date": "2025-10-09T18:48:05+00:00",
"revision_history": [
{
"date": "2025-10-09T18:48:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-09T18:48:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-24T13:35:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.17",
"product": {
"name": "Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.17::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Ac28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3Aa2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3Aa73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3Afaa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3A54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Aaf6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3Aba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3Ad3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3Acbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256%3A4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3Ac9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Ae5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3A1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3Ab6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Ac7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3A8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3A47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3Aac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3Aa85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Aa0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3Aa182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3A9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Aa85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3A64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3A0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Aa03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3A1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3Ab9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Aa4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3A439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3A1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64 as a component of Red Hat OpenShift GitOps 1.17",
"product_id": "Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.17"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22874",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2025-06-11T17:00:48.521459+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372320"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s crypto/x509 package. This vulnerability allows improper certificate validation, bypassing policy constraints via using ExtKeyUsageAny in VerifyOptions.KeyUsages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as an Important severity because the vulnerability was found in the certificate validation logic of the Verify function. When VerifyOptions.KeyUsages includes ExtKeyUsageAny, certificate chains containing policy graphs may bypass certificate policy validation. This flaw allows an attacker to trick the system into accepting an invalid certificate, potentially enabling spoofing attacks, the issue weakens trust decisions in affected cases and impacts system integrity. Confidentiality and availability are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22874"
},
{
"category": "external",
"summary": "RHBZ#2372320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22874"
},
{
"category": "external",
"summary": "https://go.dev/cl/670375",
"url": "https://go.dev/cl/670375"
},
{
"category": "external",
"summary": "https://go.dev/issue/73612",
"url": "https://go.dev/issue/73612"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A",
"url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3749",
"url": "https://pkg.go.dev/vuln/GO-2025-3749"
}
],
"release_date": "2025-06-11T16:42:52.856000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:48:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509"
},
{
"cve": "CVE-2025-47907",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-08-07T16:01:06.247481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387083"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "database/sql: Postgres Scan Race Condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Moderate severity issues rather than Important. The os/exec LookPath flaw requires a misconfigured PATH to be exploitable, and the database/sql race condition primarily impacts applications that cancel queries while running multiple queries concurrently. Both can cause unexpected behavior, but the exploitation scope is limited and unlikely to result in direct compromise in most typical deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "RHBZ#2387083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://go.dev/cl/693735",
"url": "https://go.dev/cl/693735"
},
{
"category": "external",
"summary": "https://go.dev/issue/74831",
"url": "https://go.dev/issue/74831"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3849",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"release_date": "2025-08-07T15:25:30.704000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:48:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "database/sql: Postgres Scan Race Condition"
},
{
"cve": "CVE-2025-59531",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2025-10-01T21:03:46.509567+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400935"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was identified in the Argo CD continuous delivery tool, which is distributed as part of Red Hat GitOps product. An unauthenticated attacker can exploit this flaw by sending a specially crafted request to the Application Programming Interface (API) webhook endpoint. This action causes the API server to crash, preventing it from restarting properly. By repeatedly targeting the server, an attacker can cause a complete service outage, making the Argo CD interface unavailable to all users. This vulnerability is only exposed in configurations where a specific webhook secret has not been set.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "argocd: argocd-server: gitops: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was rated as Important by the Red Hat Product Security team, this happens because an unauthenticated attacker is able to cause a denial of service from the whole GitOps cluster. This vulnerability affects only clusters without a configured \u0027webhook.bitbucket.secret\u0027 configuration key, thus clusters that have this option configured are not exposed to this flaw.\n\nThis vulnerability lies in a unsafe cast when trying to retrieve the `repository.links.clone`JSON field from BitBucket-Server push request. When the unsafe cast is triggered, the goroutine created by the worker to process the request will fail within an assertion panic and, as it lacks a recovery routine, the whole argocd-server binary will be terminated. If an attacker manages to force all the argocd-server replica nodes to reach this assertion failure, a Denial of Service of the whole cluster will happen.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59531"
},
{
"category": "external",
"summary": "RHBZ#2400935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59531"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/5c466a4e39802e059e75c0008ae7b7b8e842538f",
"url": "https://github.com/argoproj/argo-cd/commit/5c466a4e39802e059e75c0008ae7b7b8e842538f"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-f9gq-prrc-hrhc"
}
],
"release_date": "2025-10-01T20:49:35.428000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:48:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
},
{
"category": "workaround",
"details": "If a BitBucket repository is being used by GitOps it\u0027s possible to mitigate this vulnerability by setting up a BitBucket webhook secret to ensure only trusted parties can access the webhook endpoint.\n\nIn case BitBucket is not being used, the user can set the webhook secret to a long random value to prevent the webhook from being called:\n\n~~~\napiVersion: v1\nkind: Secret\nmetadata:\n name: argocd-secret\ntype: Opaque\ndata:\n+ webhook.bitbucketserver.secret: \u003cyour base64-encoded secret here\u003e\n~~~",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "argocd: argocd-server: gitops: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload"
},
{
"cve": "CVE-2025-59537",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-10-01T22:00:51.264122+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400938"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd: Argo CD unauthenticated Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo-CD application. General host availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59537"
},
{
"category": "external",
"summary": "RHBZ#2400938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59537"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59537"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43",
"url": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
}
],
"release_date": "2025-10-01T21:01:36.519000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:48:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd: Argo CD unauthenticated Denial of Service"
},
{
"cve": "CVE-2025-59538",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"discovery_date": "2025-10-01T22:00:57.544949+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400940"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoint crashes the entire argocd-server process when it receives an Azure DevOps Push event whose JSON array resource.refUpdates is empty. The slice index [0] is accessed without a length check, causing an index-out-of-range panic. A single unauthenticated HTTP POST is enough to kill the process. This issue is resolved in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd: Argo CD unauthenticated Remote Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk of this vulnerability is limited to the Argo-CD application. General host availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59538"
},
{
"category": "external",
"summary": "RHBZ#2400940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400940"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59538",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59538"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf",
"url": "https://github.com/argoproj/argo-cd/commit/1a023f1ca7fe4ec942b4b6696804988d5a632baf"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv"
}
],
"release_date": "2025-10-01T21:09:08.870000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-09T18:48:05+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a03e72ceb733c34a4788d294d14f0e4ee0e03e2b509a4f7e78f4abebe4d8224a_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:a0686e82d2d203e6af794691ba50101aa9a1fb049523cc50aa0a870bdcae4113_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:c28cabf7a7e417448c23bed8741d86cec7a60b70598672a8766279ea67a7d570_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:e5c9119e2417f4085ad78a71653ec1653096923672d03b4d8a384334dca20a90_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1dd0c50f25497541f3b4e35b802ed9110987870d38960bda7d530436f7875e73_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1f35c7ec22e6cb4c4d1e5da664a4b4fdd6e4b9fe98c93e9f5f6e9b16dcc12ff5_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a182f8ec61c4dc5f32a87750e28b792d0ff3b666ae9d67a39ac9dc6e2bc84e5e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a73d1a81029d39de7900b5c52f22bcb57188d973391c4a2f81bbde612b9185fb_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:1eb401fa44278a8558d45167b3d2507fac77521a2fb322bb66012d4cdfec87b6_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:5109b457be26c5d03311c5fa52f43d4db7606ecae58360a479fa8562d808fadc_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:b6c7ce8543542a2943498c7cc5f3be103493d7c8a3055dfbfe4b468285542cc7_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:faa950d8512bc45382646c6c7d403ebf91fcd47d8ca65f4124fed91e77bebf2e_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:12e0ab863663d47e2a483839e000eb8fa624bd5766bf706213db295a0e00815f_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:4b3765fa97fcf85c39a17e88712fdd1bfa158a8677f714e862d35cadedeeda62_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:99403da3c050737dbda083bb11d413b317fa2cb7143ee4ce0125fb6ad44ca184_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a2339147b13271b43dfd58901f09ed024a5f8d1ad1def8639c416710d68f1ca3_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:54f6d32f5aa8ad998eb98ef2035b7593704cca8db98251ff77405801920e324b_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:9ef69c345cfa9198e4d56366946741f83413e0cc1e63a95104a5dd476805e78d_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:b9125f40d94e6aa05df7814a23d47e904ccee9f5204ebcfd994f9432b3feb0fb_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:c7b52016e71fc0b1118e0253840f261c0d21a64a9135b5f7971cb6dab3dcc285_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:8fd8642fc3d8133141119dd425bc78bb57be51360cb3c28cc1b54968e79b6b55_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a4b698bd79e935b61cfc559ac512fd1e634d6f347a6afe335161de3325a164ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:a85ac1be1b1879662d4cec1033d6916f4c142221282aff09113383ba236a2bdb_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:af6d72cac08a08cc48d446e426fe1e34e21d71a7779dafdbea08173be063149f_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:439fef0be72eb98010e262668a420425c4b74924c3a929dcbac987de1341d8e6_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:47c66c140471b49a4e95bc25788d261e8951eeec2a55ea5d07b8a3670a393ef6_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:64d8c57090f88ebd3671a390e1b1956f799cda24c85e978d8f937f302ceb40f5_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ba88e66dc3f39019be91230d122ee73e0b0b931a6d3c7d7130f2a7dbb0d4c553_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:4fc82c51692138acd9a7232fc4b3451cbca9f7be763452c811bea7a68867cb93_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:5cdb2206120407d94f409ebb2639c5b61679df14be99d60db25703ab9f9b3ef4_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:689a9a102c8087e3adf3646dc686647cb6197df3524cab1db6ba94e618c55282_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:a85eb07d72178b495f77ed1566f3ec72969fdc8acf83b2e847e7c393739ee459_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:cbbc245f3f5be44aff1e09b209c814bb7128b53d2530b17c02c4b810fe682787_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:0c32ee1204ce384bf91892ddc887e9eff7059242f387c614ca6049c9c0392c4e_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cd978e7d7fbf499996c6f2da908ee77a07f5fe229b4424b7f48ee94f142e4ab_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:ac34135ee63849e8620c33cfdd619f810d87d07d2ba9ca35c0932bdbf1e1d6cc_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:d3f6398dc0b730251e2cac7826c14cca18324ce6854d7844aad43ebc22a1c7ec_amd64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:2bfd51f1bee622faddee3acd58f372c0b3b4db406ffabeae84677b091e364a53_s390x",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:36ce4a97fb4a83ee3aec72957c2bb028f35e5adc3c936c2786970ff7562c0783_ppc64le",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:87add4524478a000579bc7caa048946e2bf2ca65886da0dd032c4be455d78fc8_arm64",
"Red Hat OpenShift GitOps 1.17:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:c9ec61f94b616f0dff0c0aa0de9d719449a6d24e77b4ac2af760098af5328523_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/argoproj/argo-cd: Argo CD unauthenticated Remote Denial of Service"
}
]
}
rhsa-2025:13935
Vulnerability from csaf_redhat
Published
2025-08-18 00:53
Modified
2025-10-24 13:35
Summary
Red Hat Security Advisory: golang security update
Notes
Topic
An update for golang is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The golang packages provide the Go programming language compiler.
Security Fix(es):
* cmd/go: Go VCS Command Execution Vulnerability (CVE-2025-4674)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* cmd/go: Go VCS Command Execution Vulnerability (CVE-2025-4674)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:13935",
"url": "https://access.redhat.com/errata/RHSA-2025:13935"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2384329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2384329"
},
{
"category": "external",
"summary": "RHEL-108935",
"url": "https://issues.redhat.com/browse/RHEL-108935"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_13935.json"
}
],
"title": "Red Hat Security Advisory: golang security update",
"tracking": {
"current_release_date": "2025-10-24T13:35:24+00:00",
"generator": {
"date": "2025-10-24T13:35:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:13935",
"initial_release_date": "2025-08-18T00:53:52+00:00",
"revision_history": [
{
"date": "2025-08-18T00:53:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-08-18T00:53:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-24T13:35:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.6-1.el9_6.aarch64",
"product": {
"name": "go-toolset-0:1.24.6-1.el9_6.aarch64",
"product_id": "go-toolset-0:1.24.6-1.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.6-1.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.6-1.el9_6.aarch64",
"product": {
"name": "golang-0:1.24.6-1.el9_6.aarch64",
"product_id": "golang-0:1.24.6-1.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.6-1.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.6-1.el9_6.aarch64",
"product": {
"name": "golang-bin-0:1.24.6-1.el9_6.aarch64",
"product_id": "golang-bin-0:1.24.6-1.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.6-1.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.6-1.el9_6.aarch64",
"product": {
"name": "golang-race-0:1.24.6-1.el9_6.aarch64",
"product_id": "golang-race-0:1.24.6-1.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.6-1.el9_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.6-1.el9_6.ppc64le",
"product": {
"name": "go-toolset-0:1.24.6-1.el9_6.ppc64le",
"product_id": "go-toolset-0:1.24.6-1.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.6-1.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.6-1.el9_6.ppc64le",
"product": {
"name": "golang-0:1.24.6-1.el9_6.ppc64le",
"product_id": "golang-0:1.24.6-1.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.6-1.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.6-1.el9_6.ppc64le",
"product": {
"name": "golang-bin-0:1.24.6-1.el9_6.ppc64le",
"product_id": "golang-bin-0:1.24.6-1.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.6-1.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.6-1.el9_6.ppc64le",
"product": {
"name": "golang-race-0:1.24.6-1.el9_6.ppc64le",
"product_id": "golang-race-0:1.24.6-1.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.6-1.el9_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.6-1.el9_6.x86_64",
"product": {
"name": "go-toolset-0:1.24.6-1.el9_6.x86_64",
"product_id": "go-toolset-0:1.24.6-1.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.6-1.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.6-1.el9_6.x86_64",
"product": {
"name": "golang-0:1.24.6-1.el9_6.x86_64",
"product_id": "golang-0:1.24.6-1.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.6-1.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.6-1.el9_6.x86_64",
"product": {
"name": "golang-bin-0:1.24.6-1.el9_6.x86_64",
"product_id": "golang-bin-0:1.24.6-1.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.6-1.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.6-1.el9_6.x86_64",
"product": {
"name": "golang-race-0:1.24.6-1.el9_6.x86_64",
"product_id": "golang-race-0:1.24.6-1.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.6-1.el9_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.24.6-1.el9_6.s390x",
"product": {
"name": "go-toolset-0:1.24.6-1.el9_6.s390x",
"product_id": "go-toolset-0:1.24.6-1.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.24.6-1.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.24.6-1.el9_6.s390x",
"product": {
"name": "golang-0:1.24.6-1.el9_6.s390x",
"product_id": "golang-0:1.24.6-1.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.6-1.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.24.6-1.el9_6.s390x",
"product": {
"name": "golang-bin-0:1.24.6-1.el9_6.s390x",
"product_id": "golang-bin-0:1.24.6-1.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.24.6-1.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.24.6-1.el9_6.s390x",
"product": {
"name": "golang-race-0:1.24.6-1.el9_6.s390x",
"product_id": "golang-race-0:1.24.6-1.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.24.6-1.el9_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.24.6-1.el9_6.src",
"product": {
"name": "golang-0:1.24.6-1.el9_6.src",
"product_id": "golang-0:1.24.6-1.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.24.6-1.el9_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.24.6-1.el9_6.noarch",
"product": {
"name": "golang-docs-0:1.24.6-1.el9_6.noarch",
"product_id": "golang-docs-0:1.24.6-1.el9_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.24.6-1.el9_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.24.6-1.el9_6.noarch",
"product": {
"name": "golang-misc-0:1.24.6-1.el9_6.noarch",
"product_id": "golang-misc-0:1.24.6-1.el9_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.24.6-1.el9_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.24.6-1.el9_6.noarch",
"product": {
"name": "golang-src-0:1.24.6-1.el9_6.noarch",
"product_id": "golang-src-0:1.24.6-1.el9_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.24.6-1.el9_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.24.6-1.el9_6.noarch",
"product": {
"name": "golang-tests-0:1.24.6-1.el9_6.noarch",
"product_id": "golang-tests-0:1.24.6-1.el9_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.24.6-1.el9_6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.6-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.aarch64"
},
"product_reference": "go-toolset-0:1.24.6-1.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.6-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.ppc64le"
},
"product_reference": "go-toolset-0:1.24.6-1.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.6-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.s390x"
},
"product_reference": "go-toolset-0:1.24.6-1.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.24.6-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.x86_64"
},
"product_reference": "go-toolset-0:1.24.6-1.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.6-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.aarch64"
},
"product_reference": "golang-0:1.24.6-1.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.6-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.ppc64le"
},
"product_reference": "golang-0:1.24.6-1.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.6-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.s390x"
},
"product_reference": "golang-0:1.24.6-1.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.6-1.el9_6.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.src"
},
"product_reference": "golang-0:1.24.6-1.el9_6.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.24.6-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.x86_64"
},
"product_reference": "golang-0:1.24.6-1.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.6-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.aarch64"
},
"product_reference": "golang-bin-0:1.24.6-1.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.6-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.ppc64le"
},
"product_reference": "golang-bin-0:1.24.6-1.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.6-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.s390x"
},
"product_reference": "golang-bin-0:1.24.6-1.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.24.6-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.x86_64"
},
"product_reference": "golang-bin-0:1.24.6-1.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.24.6-1.el9_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.6-1.el9_6.noarch"
},
"product_reference": "golang-docs-0:1.24.6-1.el9_6.noarch",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.24.6-1.el9_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.6-1.el9_6.noarch"
},
"product_reference": "golang-misc-0:1.24.6-1.el9_6.noarch",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.6-1.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.aarch64"
},
"product_reference": "golang-race-0:1.24.6-1.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.6-1.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.ppc64le"
},
"product_reference": "golang-race-0:1.24.6-1.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.6-1.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.s390x"
},
"product_reference": "golang-race-0:1.24.6-1.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.24.6-1.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.x86_64"
},
"product_reference": "golang-race-0:1.24.6-1.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.24.6-1.el9_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.6-1.el9_6.noarch"
},
"product_reference": "golang-src-0:1.24.6-1.el9_6.noarch",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.24.6-1.el9_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.6-1.el9_6.noarch"
},
"product_reference": "golang-tests-0:1.24.6-1.el9_6.noarch",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4674",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2025-07-29T22:00:54.774680+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2384329"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in cmd/go. The `go` command can execute arbitrary commands when processing untrusted version control system (VCS) repositories containing malicious configuration. This issue occurs because the command interprets VCS metadata, potentially leading to unintended command execution. This vulnerability allows a malicious actor to trigger this by providing a repository with a crafted VCS configuration, resulting in arbitrary code execution within the context of the `go` process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/go: Go VCS Command Execution Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is Important rather than Moderate because it enables arbitrary command execution at the tooling level before any code is built or reviewed, effectively compromising the software supply chain at its earliest stage. Unlike flaws that require user interaction with the code itself, this issue is triggered simply by running go operations on a malicious repository\u2014an action routinely performed by developers and automated build systems. The problem lies in cmd/go\u2019s unsafe interpretation of cross-VCS metadata, allowing an attacker to inject commands that execute with the privileges of the go process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.6-1.el9_6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4674"
},
{
"category": "external",
"summary": "RHBZ#2384329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2384329"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4674"
},
{
"category": "external",
"summary": "https://go.dev/cl/686515",
"url": "https://go.dev/cl/686515"
},
{
"category": "external",
"summary": "https://go.dev/issue/74380",
"url": "https://go.dev/issue/74380"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/gTNJnDXmn34",
"url": "https://groups.google.com/g/golang-announce/c/gTNJnDXmn34"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3828",
"url": "https://pkg.go.dev/vuln/GO-2025-3828"
}
],
"release_date": "2025-07-29T21:19:08.519000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-18T00:53:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.6-1.el9_6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13935"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.6-1.el9_6.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.6-1.el9_6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/go: Go VCS Command Execution Vulnerability"
},
{
"cve": "CVE-2025-47906",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-18T19:00:47.541046+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396546"
}
],
"notes": [
{
"category": "description",
"text": "If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "os/exec: Unexpected paths returned from LookPath in os/exec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.6-1.el9_6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "RHBZ#2396546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://go.dev/cl/691775",
"url": "https://go.dev/cl/691775"
},
{
"category": "external",
"summary": "https://go.dev/issue/74466",
"url": "https://go.dev/issue/74466"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3956",
"url": "https://pkg.go.dev/vuln/GO-2025-3956"
}
],
"release_date": "2025-09-18T18:41:11.847000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-18T00:53:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.6-1.el9_6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13935"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.6-1.el9_6.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.6-1.el9_6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "os/exec: Unexpected paths returned from LookPath in os/exec"
},
{
"cve": "CVE-2025-47907",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-08-07T16:01:06.247481+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387083"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "database/sql: Postgres Scan Race Condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Moderate severity issues rather than Important. The os/exec LookPath flaw requires a misconfigured PATH to be exploitable, and the database/sql race condition primarily impacts applications that cancel queries while running multiple queries concurrently. Both can cause unexpected behavior, but the exploitation scope is limited and unlikely to result in direct compromise in most typical deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.6-1.el9_6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "RHBZ#2387083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://go.dev/cl/693735",
"url": "https://go.dev/cl/693735"
},
{
"category": "external",
"summary": "https://go.dev/issue/74831",
"url": "https://go.dev/issue/74831"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3849",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"release_date": "2025-08-07T15:25:30.704000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-18T00:53:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.6-1.el9_6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13935"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:go-toolset-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:golang-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-bin-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-docs-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-misc-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:golang-race-0:1.24.6-1.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:golang-src-0:1.24.6-1.el9_6.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:golang-tests-0:1.24.6-1.el9_6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "database/sql: Postgres Scan Race Condition"
}
]
}
opensuse-su-2025:15420-1
Vulnerability from csaf_opensuse
Published
2025-08-07 00:00
Modified
2025-08-07 00:00
Summary
go1.25-1.25rc3-1.1 on GA media
Notes
Title of the patch
go1.25-1.25rc3-1.1 on GA media
Description of the patch
These are all security issues fixed in the go1.25-1.25rc3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15420
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.25-1.25rc3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.25-1.25rc3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15420",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15420-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
}
],
"title": "go1.25-1.25rc3-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-07T00:00:00Z",
"generator": {
"date": "2025-08-07T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15420-1",
"initial_release_date": "2025-08-07T00:00:00Z",
"revision_history": [
{
"date": "2025-08-07T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25rc3-1.1.aarch64",
"product": {
"name": "go1.25-1.25rc3-1.1.aarch64",
"product_id": "go1.25-1.25rc3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25rc3-1.1.aarch64",
"product": {
"name": "go1.25-doc-1.25rc3-1.1.aarch64",
"product_id": "go1.25-doc-1.25rc3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25rc3-1.1.aarch64",
"product": {
"name": "go1.25-libstd-1.25rc3-1.1.aarch64",
"product_id": "go1.25-libstd-1.25rc3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25rc3-1.1.aarch64",
"product": {
"name": "go1.25-race-1.25rc3-1.1.aarch64",
"product_id": "go1.25-race-1.25rc3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25rc3-1.1.ppc64le",
"product": {
"name": "go1.25-1.25rc3-1.1.ppc64le",
"product_id": "go1.25-1.25rc3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25rc3-1.1.ppc64le",
"product": {
"name": "go1.25-doc-1.25rc3-1.1.ppc64le",
"product_id": "go1.25-doc-1.25rc3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25rc3-1.1.ppc64le",
"product": {
"name": "go1.25-libstd-1.25rc3-1.1.ppc64le",
"product_id": "go1.25-libstd-1.25rc3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25rc3-1.1.ppc64le",
"product": {
"name": "go1.25-race-1.25rc3-1.1.ppc64le",
"product_id": "go1.25-race-1.25rc3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25rc3-1.1.s390x",
"product": {
"name": "go1.25-1.25rc3-1.1.s390x",
"product_id": "go1.25-1.25rc3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25rc3-1.1.s390x",
"product": {
"name": "go1.25-doc-1.25rc3-1.1.s390x",
"product_id": "go1.25-doc-1.25rc3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25rc3-1.1.s390x",
"product": {
"name": "go1.25-libstd-1.25rc3-1.1.s390x",
"product_id": "go1.25-libstd-1.25rc3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25rc3-1.1.s390x",
"product": {
"name": "go1.25-race-1.25rc3-1.1.s390x",
"product_id": "go1.25-race-1.25rc3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25rc3-1.1.x86_64",
"product": {
"name": "go1.25-1.25rc3-1.1.x86_64",
"product_id": "go1.25-1.25rc3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25rc3-1.1.x86_64",
"product": {
"name": "go1.25-doc-1.25rc3-1.1.x86_64",
"product_id": "go1.25-doc-1.25rc3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25rc3-1.1.x86_64",
"product": {
"name": "go1.25-libstd-1.25rc3-1.1.x86_64",
"product_id": "go1.25-libstd-1.25rc3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25rc3-1.1.x86_64",
"product": {
"name": "go1.25-race-1.25rc3-1.1.x86_64",
"product_id": "go1.25-race-1.25rc3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25rc3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25rc3-1.1.aarch64"
},
"product_reference": "go1.25-1.25rc3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25rc3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25rc3-1.1.ppc64le"
},
"product_reference": "go1.25-1.25rc3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25rc3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25rc3-1.1.s390x"
},
"product_reference": "go1.25-1.25rc3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25rc3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25rc3-1.1.x86_64"
},
"product_reference": "go1.25-1.25rc3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25rc3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.aarch64"
},
"product_reference": "go1.25-doc-1.25rc3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25rc3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25rc3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25rc3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.s390x"
},
"product_reference": "go1.25-doc-1.25rc3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25rc3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.x86_64"
},
"product_reference": "go1.25-doc-1.25rc3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25rc3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.aarch64"
},
"product_reference": "go1.25-libstd-1.25rc3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25rc3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.ppc64le"
},
"product_reference": "go1.25-libstd-1.25rc3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25rc3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.s390x"
},
"product_reference": "go1.25-libstd-1.25rc3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25rc3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.x86_64"
},
"product_reference": "go1.25-libstd-1.25rc3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25rc3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.aarch64"
},
"product_reference": "go1.25-race-1.25rc3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25rc3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.ppc64le"
},
"product_reference": "go1.25-race-1.25rc3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25rc3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.s390x"
},
"product_reference": "go1.25-race-1.25rc3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25rc3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.x86_64"
},
"product_reference": "go1.25-race-1.25rc3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47906"
}
],
"notes": [
{
"category": "general",
"text": "If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47906",
"url": "https://www.suse.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "SUSE Bug 1247719 for CVE-2025-47906",
"url": "https://bugzilla.suse.com/1247719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47906"
},
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25rc3-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25rc3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
}
]
}
opensuse-su-2025:15423-1
Vulnerability from csaf_opensuse
Published
2025-08-08 00:00
Modified
2025-08-08 00:00
Summary
go1.24-1.24.6-1.1 on GA media
Notes
Title of the patch
go1.24-1.24.6-1.1 on GA media
Description of the patch
These are all security issues fixed in the go1.24-1.24.6-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15423
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.24-1.24.6-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.24-1.24.6-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15423",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15423-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
}
],
"title": "go1.24-1.24.6-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-08T00:00:00Z",
"generator": {
"date": "2025-08-08T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15423-1",
"initial_release_date": "2025-08-08T00:00:00Z",
"revision_history": [
{
"date": "2025-08-08T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.6-1.1.aarch64",
"product": {
"name": "go1.24-1.24.6-1.1.aarch64",
"product_id": "go1.24-1.24.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.6-1.1.aarch64",
"product": {
"name": "go1.24-doc-1.24.6-1.1.aarch64",
"product_id": "go1.24-doc-1.24.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.6-1.1.aarch64",
"product": {
"name": "go1.24-libstd-1.24.6-1.1.aarch64",
"product_id": "go1.24-libstd-1.24.6-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.6-1.1.aarch64",
"product": {
"name": "go1.24-race-1.24.6-1.1.aarch64",
"product_id": "go1.24-race-1.24.6-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.6-1.1.ppc64le",
"product": {
"name": "go1.24-1.24.6-1.1.ppc64le",
"product_id": "go1.24-1.24.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.6-1.1.ppc64le",
"product": {
"name": "go1.24-doc-1.24.6-1.1.ppc64le",
"product_id": "go1.24-doc-1.24.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.6-1.1.ppc64le",
"product": {
"name": "go1.24-libstd-1.24.6-1.1.ppc64le",
"product_id": "go1.24-libstd-1.24.6-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.6-1.1.ppc64le",
"product": {
"name": "go1.24-race-1.24.6-1.1.ppc64le",
"product_id": "go1.24-race-1.24.6-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.6-1.1.s390x",
"product": {
"name": "go1.24-1.24.6-1.1.s390x",
"product_id": "go1.24-1.24.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.6-1.1.s390x",
"product": {
"name": "go1.24-doc-1.24.6-1.1.s390x",
"product_id": "go1.24-doc-1.24.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.6-1.1.s390x",
"product": {
"name": "go1.24-libstd-1.24.6-1.1.s390x",
"product_id": "go1.24-libstd-1.24.6-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.6-1.1.s390x",
"product": {
"name": "go1.24-race-1.24.6-1.1.s390x",
"product_id": "go1.24-race-1.24.6-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.6-1.1.x86_64",
"product": {
"name": "go1.24-1.24.6-1.1.x86_64",
"product_id": "go1.24-1.24.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.6-1.1.x86_64",
"product": {
"name": "go1.24-doc-1.24.6-1.1.x86_64",
"product_id": "go1.24-doc-1.24.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.6-1.1.x86_64",
"product": {
"name": "go1.24-libstd-1.24.6-1.1.x86_64",
"product_id": "go1.24-libstd-1.24.6-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.6-1.1.x86_64",
"product": {
"name": "go1.24-race-1.24.6-1.1.x86_64",
"product_id": "go1.24-race-1.24.6-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-1.24.6-1.1.aarch64"
},
"product_reference": "go1.24-1.24.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-1.24.6-1.1.ppc64le"
},
"product_reference": "go1.24-1.24.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-1.24.6-1.1.s390x"
},
"product_reference": "go1.24-1.24.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-1.24.6-1.1.x86_64"
},
"product_reference": "go1.24-1.24.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.s390x"
},
"product_reference": "go1.24-doc-1.24.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.aarch64"
},
"product_reference": "go1.24-libstd-1.24.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.ppc64le"
},
"product_reference": "go1.24-libstd-1.24.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.s390x"
},
"product_reference": "go1.24-libstd-1.24.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.x86_64"
},
"product_reference": "go1.24-libstd-1.24.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.aarch64"
},
"product_reference": "go1.24-race-1.24.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.s390x"
},
"product_reference": "go1.24-race-1.24.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.x86_64"
},
"product_reference": "go1.24-race-1.24.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47906"
}
],
"notes": [
{
"category": "general",
"text": "If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47906",
"url": "https://www.suse.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "SUSE Bug 1247719 for CVE-2025-47906",
"url": "https://bugzilla.suse.com/1247719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47906"
},
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.6-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
}
]
}
opensuse-su-2025:15464-1
Vulnerability from csaf_opensuse
Published
2025-08-19 00:00
Modified
2025-08-19 00:00
Summary
nova-3.11.8-1.1 on GA media
Notes
Title of the patch
nova-3.11.8-1.1 on GA media
Description of the patch
These are all security issues fixed in the nova-3.11.8-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15464
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "nova-3.11.8-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the nova-3.11.8-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15464",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15464-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
}
],
"title": "nova-3.11.8-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-19T00:00:00Z",
"generator": {
"date": "2025-08-19T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15464-1",
"initial_release_date": "2025-08-19T00:00:00Z",
"revision_history": [
{
"date": "2025-08-19T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nova-3.11.8-1.1.aarch64",
"product": {
"name": "nova-3.11.8-1.1.aarch64",
"product_id": "nova-3.11.8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "nova-bash-completion-3.11.8-1.1.aarch64",
"product": {
"name": "nova-bash-completion-3.11.8-1.1.aarch64",
"product_id": "nova-bash-completion-3.11.8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "nova-fish-completion-3.11.8-1.1.aarch64",
"product": {
"name": "nova-fish-completion-3.11.8-1.1.aarch64",
"product_id": "nova-fish-completion-3.11.8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "nova-zsh-completion-3.11.8-1.1.aarch64",
"product": {
"name": "nova-zsh-completion-3.11.8-1.1.aarch64",
"product_id": "nova-zsh-completion-3.11.8-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nova-3.11.8-1.1.ppc64le",
"product": {
"name": "nova-3.11.8-1.1.ppc64le",
"product_id": "nova-3.11.8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nova-bash-completion-3.11.8-1.1.ppc64le",
"product": {
"name": "nova-bash-completion-3.11.8-1.1.ppc64le",
"product_id": "nova-bash-completion-3.11.8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nova-fish-completion-3.11.8-1.1.ppc64le",
"product": {
"name": "nova-fish-completion-3.11.8-1.1.ppc64le",
"product_id": "nova-fish-completion-3.11.8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nova-zsh-completion-3.11.8-1.1.ppc64le",
"product": {
"name": "nova-zsh-completion-3.11.8-1.1.ppc64le",
"product_id": "nova-zsh-completion-3.11.8-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nova-3.11.8-1.1.s390x",
"product": {
"name": "nova-3.11.8-1.1.s390x",
"product_id": "nova-3.11.8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "nova-bash-completion-3.11.8-1.1.s390x",
"product": {
"name": "nova-bash-completion-3.11.8-1.1.s390x",
"product_id": "nova-bash-completion-3.11.8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "nova-fish-completion-3.11.8-1.1.s390x",
"product": {
"name": "nova-fish-completion-3.11.8-1.1.s390x",
"product_id": "nova-fish-completion-3.11.8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "nova-zsh-completion-3.11.8-1.1.s390x",
"product": {
"name": "nova-zsh-completion-3.11.8-1.1.s390x",
"product_id": "nova-zsh-completion-3.11.8-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nova-3.11.8-1.1.x86_64",
"product": {
"name": "nova-3.11.8-1.1.x86_64",
"product_id": "nova-3.11.8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "nova-bash-completion-3.11.8-1.1.x86_64",
"product": {
"name": "nova-bash-completion-3.11.8-1.1.x86_64",
"product_id": "nova-bash-completion-3.11.8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "nova-fish-completion-3.11.8-1.1.x86_64",
"product": {
"name": "nova-fish-completion-3.11.8-1.1.x86_64",
"product_id": "nova-fish-completion-3.11.8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "nova-zsh-completion-3.11.8-1.1.x86_64",
"product": {
"name": "nova-zsh-completion-3.11.8-1.1.x86_64",
"product_id": "nova-zsh-completion-3.11.8-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-3.11.8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-3.11.8-1.1.aarch64"
},
"product_reference": "nova-3.11.8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-3.11.8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-3.11.8-1.1.ppc64le"
},
"product_reference": "nova-3.11.8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-3.11.8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-3.11.8-1.1.s390x"
},
"product_reference": "nova-3.11.8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-3.11.8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-3.11.8-1.1.x86_64"
},
"product_reference": "nova-3.11.8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-bash-completion-3.11.8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.aarch64"
},
"product_reference": "nova-bash-completion-3.11.8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-bash-completion-3.11.8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.ppc64le"
},
"product_reference": "nova-bash-completion-3.11.8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-bash-completion-3.11.8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.s390x"
},
"product_reference": "nova-bash-completion-3.11.8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-bash-completion-3.11.8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.x86_64"
},
"product_reference": "nova-bash-completion-3.11.8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-fish-completion-3.11.8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.aarch64"
},
"product_reference": "nova-fish-completion-3.11.8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-fish-completion-3.11.8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.ppc64le"
},
"product_reference": "nova-fish-completion-3.11.8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-fish-completion-3.11.8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.s390x"
},
"product_reference": "nova-fish-completion-3.11.8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-fish-completion-3.11.8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.x86_64"
},
"product_reference": "nova-fish-completion-3.11.8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-zsh-completion-3.11.8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.aarch64"
},
"product_reference": "nova-zsh-completion-3.11.8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-zsh-completion-3.11.8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.ppc64le"
},
"product_reference": "nova-zsh-completion-3.11.8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-zsh-completion-3.11.8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.s390x"
},
"product_reference": "nova-zsh-completion-3.11.8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nova-zsh-completion-3.11.8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.x86_64"
},
"product_reference": "nova-zsh-completion-3.11.8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:nova-3.11.8-1.1.aarch64",
"openSUSE Tumbleweed:nova-3.11.8-1.1.ppc64le",
"openSUSE Tumbleweed:nova-3.11.8-1.1.s390x",
"openSUSE Tumbleweed:nova-3.11.8-1.1.x86_64",
"openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.aarch64",
"openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.ppc64le",
"openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.s390x",
"openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.x86_64",
"openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.aarch64",
"openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.ppc64le",
"openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.s390x",
"openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.x86_64",
"openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.aarch64",
"openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.ppc64le",
"openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.s390x",
"openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:nova-3.11.8-1.1.aarch64",
"openSUSE Tumbleweed:nova-3.11.8-1.1.ppc64le",
"openSUSE Tumbleweed:nova-3.11.8-1.1.s390x",
"openSUSE Tumbleweed:nova-3.11.8-1.1.x86_64",
"openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.aarch64",
"openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.ppc64le",
"openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.s390x",
"openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.x86_64",
"openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.aarch64",
"openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.ppc64le",
"openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.s390x",
"openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.x86_64",
"openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.aarch64",
"openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.ppc64le",
"openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.s390x",
"openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:nova-3.11.8-1.1.aarch64",
"openSUSE Tumbleweed:nova-3.11.8-1.1.ppc64le",
"openSUSE Tumbleweed:nova-3.11.8-1.1.s390x",
"openSUSE Tumbleweed:nova-3.11.8-1.1.x86_64",
"openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.aarch64",
"openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.ppc64le",
"openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.s390x",
"openSUSE Tumbleweed:nova-bash-completion-3.11.8-1.1.x86_64",
"openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.aarch64",
"openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.ppc64le",
"openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.s390x",
"openSUSE Tumbleweed:nova-fish-completion-3.11.8-1.1.x86_64",
"openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.aarch64",
"openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.ppc64le",
"openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.s390x",
"openSUSE Tumbleweed:nova-zsh-completion-3.11.8-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
}
]
}
opensuse-su-2025:15465-1
Vulnerability from csaf_opensuse
Published
2025-08-19 00:00
Modified
2025-08-19 00:00
Summary
pluto-5.22.5-1.1 on GA media
Notes
Title of the patch
pluto-5.22.5-1.1 on GA media
Description of the patch
These are all security issues fixed in the pluto-5.22.5-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15465
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "pluto-5.22.5-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the pluto-5.22.5-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15465",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15465-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
}
],
"title": "pluto-5.22.5-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-19T00:00:00Z",
"generator": {
"date": "2025-08-19T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15465-1",
"initial_release_date": "2025-08-19T00:00:00Z",
"revision_history": [
{
"date": "2025-08-19T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "pluto-5.22.5-1.1.aarch64",
"product": {
"name": "pluto-5.22.5-1.1.aarch64",
"product_id": "pluto-5.22.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "pluto-bash-completion-5.22.5-1.1.aarch64",
"product": {
"name": "pluto-bash-completion-5.22.5-1.1.aarch64",
"product_id": "pluto-bash-completion-5.22.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "pluto-fish-completion-5.22.5-1.1.aarch64",
"product": {
"name": "pluto-fish-completion-5.22.5-1.1.aarch64",
"product_id": "pluto-fish-completion-5.22.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "pluto-zsh-completion-5.22.5-1.1.aarch64",
"product": {
"name": "pluto-zsh-completion-5.22.5-1.1.aarch64",
"product_id": "pluto-zsh-completion-5.22.5-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pluto-5.22.5-1.1.ppc64le",
"product": {
"name": "pluto-5.22.5-1.1.ppc64le",
"product_id": "pluto-5.22.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pluto-bash-completion-5.22.5-1.1.ppc64le",
"product": {
"name": "pluto-bash-completion-5.22.5-1.1.ppc64le",
"product_id": "pluto-bash-completion-5.22.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pluto-fish-completion-5.22.5-1.1.ppc64le",
"product": {
"name": "pluto-fish-completion-5.22.5-1.1.ppc64le",
"product_id": "pluto-fish-completion-5.22.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pluto-zsh-completion-5.22.5-1.1.ppc64le",
"product": {
"name": "pluto-zsh-completion-5.22.5-1.1.ppc64le",
"product_id": "pluto-zsh-completion-5.22.5-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pluto-5.22.5-1.1.s390x",
"product": {
"name": "pluto-5.22.5-1.1.s390x",
"product_id": "pluto-5.22.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "pluto-bash-completion-5.22.5-1.1.s390x",
"product": {
"name": "pluto-bash-completion-5.22.5-1.1.s390x",
"product_id": "pluto-bash-completion-5.22.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "pluto-fish-completion-5.22.5-1.1.s390x",
"product": {
"name": "pluto-fish-completion-5.22.5-1.1.s390x",
"product_id": "pluto-fish-completion-5.22.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "pluto-zsh-completion-5.22.5-1.1.s390x",
"product": {
"name": "pluto-zsh-completion-5.22.5-1.1.s390x",
"product_id": "pluto-zsh-completion-5.22.5-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pluto-5.22.5-1.1.x86_64",
"product": {
"name": "pluto-5.22.5-1.1.x86_64",
"product_id": "pluto-5.22.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "pluto-bash-completion-5.22.5-1.1.x86_64",
"product": {
"name": "pluto-bash-completion-5.22.5-1.1.x86_64",
"product_id": "pluto-bash-completion-5.22.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "pluto-fish-completion-5.22.5-1.1.x86_64",
"product": {
"name": "pluto-fish-completion-5.22.5-1.1.x86_64",
"product_id": "pluto-fish-completion-5.22.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "pluto-zsh-completion-5.22.5-1.1.x86_64",
"product": {
"name": "pluto-zsh-completion-5.22.5-1.1.x86_64",
"product_id": "pluto-zsh-completion-5.22.5-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-5.22.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-5.22.5-1.1.aarch64"
},
"product_reference": "pluto-5.22.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-5.22.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-5.22.5-1.1.ppc64le"
},
"product_reference": "pluto-5.22.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-5.22.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-5.22.5-1.1.s390x"
},
"product_reference": "pluto-5.22.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-5.22.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-5.22.5-1.1.x86_64"
},
"product_reference": "pluto-5.22.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-bash-completion-5.22.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.aarch64"
},
"product_reference": "pluto-bash-completion-5.22.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-bash-completion-5.22.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.ppc64le"
},
"product_reference": "pluto-bash-completion-5.22.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-bash-completion-5.22.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.s390x"
},
"product_reference": "pluto-bash-completion-5.22.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-bash-completion-5.22.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.x86_64"
},
"product_reference": "pluto-bash-completion-5.22.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-fish-completion-5.22.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.aarch64"
},
"product_reference": "pluto-fish-completion-5.22.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-fish-completion-5.22.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.ppc64le"
},
"product_reference": "pluto-fish-completion-5.22.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-fish-completion-5.22.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.s390x"
},
"product_reference": "pluto-fish-completion-5.22.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-fish-completion-5.22.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.x86_64"
},
"product_reference": "pluto-fish-completion-5.22.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-zsh-completion-5.22.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.aarch64"
},
"product_reference": "pluto-zsh-completion-5.22.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-zsh-completion-5.22.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.ppc64le"
},
"product_reference": "pluto-zsh-completion-5.22.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-zsh-completion-5.22.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.s390x"
},
"product_reference": "pluto-zsh-completion-5.22.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pluto-zsh-completion-5.22.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.x86_64"
},
"product_reference": "pluto-zsh-completion-5.22.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:pluto-5.22.5-1.1.aarch64",
"openSUSE Tumbleweed:pluto-5.22.5-1.1.ppc64le",
"openSUSE Tumbleweed:pluto-5.22.5-1.1.s390x",
"openSUSE Tumbleweed:pluto-5.22.5-1.1.x86_64",
"openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.aarch64",
"openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.ppc64le",
"openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.s390x",
"openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.x86_64",
"openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.aarch64",
"openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.ppc64le",
"openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.s390x",
"openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.x86_64",
"openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.aarch64",
"openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.ppc64le",
"openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.s390x",
"openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:pluto-5.22.5-1.1.aarch64",
"openSUSE Tumbleweed:pluto-5.22.5-1.1.ppc64le",
"openSUSE Tumbleweed:pluto-5.22.5-1.1.s390x",
"openSUSE Tumbleweed:pluto-5.22.5-1.1.x86_64",
"openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.aarch64",
"openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.ppc64le",
"openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.s390x",
"openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.x86_64",
"openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.aarch64",
"openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.ppc64le",
"openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.s390x",
"openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.x86_64",
"openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.aarch64",
"openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.ppc64le",
"openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.s390x",
"openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:pluto-5.22.5-1.1.aarch64",
"openSUSE Tumbleweed:pluto-5.22.5-1.1.ppc64le",
"openSUSE Tumbleweed:pluto-5.22.5-1.1.s390x",
"openSUSE Tumbleweed:pluto-5.22.5-1.1.x86_64",
"openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.aarch64",
"openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.ppc64le",
"openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.s390x",
"openSUSE Tumbleweed:pluto-bash-completion-5.22.5-1.1.x86_64",
"openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.aarch64",
"openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.ppc64le",
"openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.s390x",
"openSUSE Tumbleweed:pluto-fish-completion-5.22.5-1.1.x86_64",
"openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.aarch64",
"openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.ppc64le",
"openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.s390x",
"openSUSE Tumbleweed:pluto-zsh-completion-5.22.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
}
]
}
opensuse-su-2025:15424-1
Vulnerability from csaf_opensuse
Published
2025-08-08 00:00
Modified
2025-08-08 00:00
Summary
govulncheck-vulndb-0.0.20250807T150727-1.1 on GA media
Notes
Title of the patch
govulncheck-vulndb-0.0.20250807T150727-1.1 on GA media
Description of the patch
These are all security issues fixed in the govulncheck-vulndb-0.0.20250807T150727-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15424
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "govulncheck-vulndb-0.0.20250807T150727-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the govulncheck-vulndb-0.0.20250807T150727-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15424",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15424-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7561 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7561/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9962 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000056 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1002102 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1002102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1002100 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1002100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1002101 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1002101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16733 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19184 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-1002100 page",
"url": "https://www.suse.com/security/cve/CVE-2019-1002100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-1002101 page",
"url": "https://www.suse.com/security/cve/CVE-2019-1002101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11245 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11251 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11253 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11253/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-26240 page",
"url": "https://www.suse.com/security/cve/CVE-2020-26240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-26241 page",
"url": "https://www.suse.com/security/cve/CVE-2020-26241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8551 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8555 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8557 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8557/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8558 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8558/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8562 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8562/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8563 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8566 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-25735 page",
"url": "https://www.suse.com/security/cve/CVE-2021-25735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-25736 page",
"url": "https://www.suse.com/security/cve/CVE-2021-25736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-25737 page",
"url": "https://www.suse.com/security/cve/CVE-2021-25737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-25741 page",
"url": "https://www.suse.com/security/cve/CVE-2021-25741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-25743 page",
"url": "https://www.suse.com/security/cve/CVE-2021-25743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30465 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29162 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29177 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3162 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3294 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2431 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-25809 page",
"url": "https://www.suse.com/security/cve/CVE-2023-25809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2727 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2728 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-27561 page",
"url": "https://www.suse.com/security/cve/CVE-2023-27561/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28642 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28642/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5528 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45310 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45310/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-5321 page",
"url": "https://www.suse.com/security/cve/CVE-2024-5321/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3445 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47908 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47908/"
}
],
"title": "govulncheck-vulndb-0.0.20250807T150727-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-08T00:00:00Z",
"generator": {
"date": "2025-08-08T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15424-1",
"initial_release_date": "2025-08-08T00:00:00Z",
"revision_history": [
{
"date": "2025-08-08T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"product": {
"name": "govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"product_id": "govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"product": {
"name": "govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"product_id": "govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"product": {
"name": "govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"product_id": "govulncheck-vulndb-0.0.20250807T150727-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64",
"product": {
"name": "govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64",
"product_id": "govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64"
},
"product_reference": "govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le"
},
"product_reference": "govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250807T150727-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x"
},
"product_reference": "govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
},
"product_reference": "govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-7561",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7561"
}
],
"notes": [
{
"category": "general",
"text": "Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7561",
"url": "https://www.suse.com/security/cve/CVE-2015-7561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2015-7561"
},
{
"cve": "CVE-2016-9962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9962"
}
],
"notes": [
{
"category": "general",
"text": "RunC allowed additional container processes via \u0027runc exec\u0027 to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9962",
"url": "https://www.suse.com/security/cve/CVE-2016-9962"
},
{
"category": "external",
"summary": "SUSE Bug 1012568 for CVE-2016-9962",
"url": "https://bugzilla.suse.com/1012568"
},
{
"category": "external",
"summary": "SUSE Bug 1173425 for CVE-2016-9962",
"url": "https://bugzilla.suse.com/1173425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9962"
},
{
"cve": "CVE-2017-1000056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000056"
}
],
"notes": [
{
"category": "general",
"text": "Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000056",
"url": "https://www.suse.com/security/cve/CVE-2017-1000056"
},
{
"category": "external",
"summary": "SUSE Bug 1010675 for CVE-2017-1000056",
"url": "https://bugzilla.suse.com/1010675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-1000056"
},
{
"cve": "CVE-2017-1002102",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1002102"
}
],
"notes": [
{
"category": "general",
"text": "In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using a secret, configMap, projected or downwardAPI volume can trigger deletion of arbitrary files/directories from the nodes where they are running.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1002102",
"url": "https://www.suse.com/security/cve/CVE-2017-1002102"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-1002102"
},
{
"cve": "CVE-2018-1002100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1002100"
}
],
"notes": [
{
"category": "general",
"text": "In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1002100",
"url": "https://www.suse.com/security/cve/CVE-2018-1002100"
},
{
"category": "external",
"summary": "SUSE Bug 1089654 for CVE-2018-1002100",
"url": "https://bugzilla.suse.com/1089654"
},
{
"category": "external",
"summary": "SUSE Bug 1089991 for CVE-2018-1002100",
"url": "https://bugzilla.suse.com/1089991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-1002100"
},
{
"cve": "CVE-2018-1002101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1002101"
}
],
"notes": [
{
"category": "general",
"text": "In Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, user input was handled insecurely while setting up volume mounts on Windows nodes, which could lead to command line argument injection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1002101",
"url": "https://www.suse.com/security/cve/CVE-2018-1002101"
},
{
"category": "external",
"summary": "SUSE Bug 1118791 for CVE-2018-1002101",
"url": "https://bugzilla.suse.com/1118791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2018-1002101"
},
{
"cve": "CVE-2018-16733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16733"
}
],
"notes": [
{
"category": "general",
"text": "In Go Ethereum (aka geth) before 1.8.14, TraceChain in eth/api_tracer.go does not verify that the end block is after the start block.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16733",
"url": "https://www.suse.com/security/cve/CVE-2018-16733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16733"
},
{
"cve": "CVE-2018-19184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19184"
}
],
"notes": [
{
"category": "general",
"text": "cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to cause a denial of service (SEGV) via crafted bytecode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19184",
"url": "https://www.suse.com/security/cve/CVE-2018-19184"
},
{
"category": "external",
"summary": "SUSE Bug 1115634 for CVE-2018-19184",
"url": "https://bugzilla.suse.com/1115634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2018-19184"
},
{
"cve": "CVE-2019-1002100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-1002100"
}
],
"notes": [
{
"category": "general",
"text": "In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type \"json-patch\" (e.g. `kubectl patch --type json` or `\"Content-Type: application/json-patch+json\"`) that consumes excessive resources while processing, causing a Denial of Service on the API Server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-1002100",
"url": "https://www.suse.com/security/cve/CVE-2019-1002100"
},
{
"category": "external",
"summary": "SUSE Bug 1127554 for CVE-2019-1002100",
"url": "https://bugzilla.suse.com/1127554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2019-1002100"
},
{
"cve": "CVE-2019-1002101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-1002101"
}
],
"notes": [
{
"category": "general",
"text": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user\u0027s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u0027s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-1002101",
"url": "https://www.suse.com/security/cve/CVE-2019-1002101"
},
{
"category": "external",
"summary": "SUSE Bug 1131056 for CVE-2019-1002101",
"url": "https://bugzilla.suse.com/1131056"
},
{
"category": "external",
"summary": "SUSE Bug 1138929 for CVE-2019-1002101",
"url": "https://bugzilla.suse.com/1138929"
},
{
"category": "external",
"summary": "SUSE Bug 1144507 for CVE-2019-1002101",
"url": "https://bugzilla.suse.com/1144507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-1002101"
},
{
"cve": "CVE-2019-11245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11245"
}
],
"notes": [
{
"category": "general",
"text": "In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 (root) on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the container as root. If the pod did not specify mustRunAsNonRoot: true, the kubelet will run the container as uid 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11245",
"url": "https://www.suse.com/security/cve/CVE-2019-11245"
},
{
"category": "external",
"summary": "SUSE Bug 1136944 for CVE-2019-11245",
"url": "https://bugzilla.suse.com/1136944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11245"
},
{
"cve": "CVE-2019-11251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11251"
}
],
"notes": [
{
"category": "general",
"text": "The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be used to allow an attacker to place a nefarious file using a symlink, outside of the destination tree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11251",
"url": "https://www.suse.com/security/cve/CVE-2019-11251"
},
{
"category": "external",
"summary": "SUSE Bug 1151300 for CVE-2019-11251",
"url": "https://bugzilla.suse.com/1151300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11251"
},
{
"cve": "CVE-2019-11253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11253"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crashing and becoming unavailable. Prior to v1.14.0, default RBAC policy authorized anonymous users to submit requests that could trigger this vulnerability. Clusters upgraded from a version prior to v1.14.0 keep the more permissive policy by default for backwards compatibility.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11253",
"url": "https://www.suse.com/security/cve/CVE-2019-11253"
},
{
"category": "external",
"summary": "SUSE Bug 1152861 for CVE-2019-11253",
"url": "https://bugzilla.suse.com/1152861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11253"
},
{
"cve": "CVE-2020-26240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-26240"
}
],
"notes": [
{
"category": "general",
"text": "Go Ethereum, or \"Geth\", is the official Golang implementation of the Ethereum protocol. An ethash mining DAG generation flaw in Geth before version 1.9.24 could cause miners to erroneously calculate PoW in an upcoming epoch (estimated early January, 2021). This happened on the ETC chain on 2020-11-06. This issue is relevant only for miners, non-mining nodes are unaffected. This issue is fixed as of 1.9.24",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-26240",
"url": "https://www.suse.com/security/cve/CVE-2020-26240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-26240"
},
{
"cve": "CVE-2020-26241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-26241"
}
],
"notes": [
{
"category": "general",
"text": "Go Ethereum, or \"Geth\", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth\u0027s pre-compiled dataCopy (at 0x00...04) contract did a shallow copy on invocation. An attacker could deploy a contract that writes X to an EVM memory region R, then calls 0x00..04 with R as an argument, then overwrites R to Y, and finally invokes the RETURNDATACOPY opcode. When this contract is invoked, a consensus-compliant node would push X on the EVM stack, whereas Geth would push Y. This is fixed in version 1.9.17.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-26241",
"url": "https://www.suse.com/security/cve/CVE-2020-26241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-26241"
},
{
"cve": "CVE-2020-8551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8551"
}
],
"notes": [
{
"category": "general",
"text": "The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8551",
"url": "https://www.suse.com/security/cve/CVE-2020-8551"
},
{
"category": "external",
"summary": "SUSE Bug 1167509 for CVE-2020-8551",
"url": "https://bugzilla.suse.com/1167509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8551"
},
{
"cve": "CVE-2020-8555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8555"
}
],
"notes": [
{
"category": "general",
"text": "The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master\u0027s host network (such as link-local or loopback services).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8555",
"url": "https://www.suse.com/security/cve/CVE-2020-8555"
},
{
"category": "external",
"summary": "SUSE Bug 1171106 for CVE-2020-8555",
"url": "https://bugzilla.suse.com/1171106"
},
{
"category": "external",
"summary": "SUSE Bug 1185502 for CVE-2020-8555",
"url": "https://bugzilla.suse.com/1185502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8555"
},
{
"cve": "CVE-2020-8557",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8557"
}
],
"notes": [
{
"category": "general",
"text": "The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8557",
"url": "https://www.suse.com/security/cve/CVE-2020-8557"
},
{
"category": "external",
"summary": "SUSE Bug 1173984 for CVE-2020-8557",
"url": "https://bugzilla.suse.com/1173984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8557"
},
{
"cve": "CVE-2020-8558",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8558"
}
],
"notes": [
{
"category": "general",
"text": "The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node\u0027s network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8558",
"url": "https://www.suse.com/security/cve/CVE-2020-8558"
},
{
"category": "external",
"summary": "SUSE Bug 1172945 for CVE-2020-8558",
"url": "https://bugzilla.suse.com/1172945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8558"
},
{
"cve": "CVE-2020-8562",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8562"
}
],
"notes": [
{
"category": "general",
"text": "As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers. As part of this mitigation Kubernetes does a DNS name resolution check and validates that response IPs are not in the link-local (169.254.0.0/16) or localhost (127.0.0.0/8) range. Kubernetes then performs a second DNS resolution without validation for the actual connection. If a non-standard DNS server returns different non-cached responses, a user may be able to bypass the proxy IP restriction and access private networks on the control plane.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8562",
"url": "https://www.suse.com/security/cve/CVE-2020-8562"
},
{
"category": "external",
"summary": "SUSE Bug 1185502 for CVE-2020-8562",
"url": "https://bugzilla.suse.com/1185502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.2,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8562"
},
{
"cve": "CVE-2020-8563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8563"
}
],
"notes": [
{
"category": "general",
"text": "In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager\u0027s log. This affects \u003c v1.19.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8563",
"url": "https://www.suse.com/security/cve/CVE-2020-8563"
},
{
"category": "external",
"summary": "SUSE Bug 1177659 for CVE-2020-8563",
"url": "https://bugzilla.suse.com/1177659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8563"
},
{
"cve": "CVE-2020-8566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8566"
}
],
"notes": [
{
"category": "general",
"text": "In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager\u0027s logs during provisioning of Ceph RBD persistent claims. This affects \u003c v1.19.3, \u003c v1.18.10, \u003c v1.17.13.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8566",
"url": "https://www.suse.com/security/cve/CVE-2020-8566"
},
{
"category": "external",
"summary": "SUSE Bug 1177662 for CVE-2020-8566",
"url": "https://bugzilla.suse.com/1177662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8566"
},
{
"cve": "CVE-2021-25735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-25735"
}
],
"notes": [
{
"category": "general",
"text": "A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-25735",
"url": "https://www.suse.com/security/cve/CVE-2021-25735"
},
{
"category": "external",
"summary": "SUSE Bug 1183409 for CVE-2021-25735",
"url": "https://bugzilla.suse.com/1183409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-25735"
},
{
"cve": "CVE-2021-25736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-25736"
}
],
"notes": [
{
"category": "general",
"text": "Kube-proxy\n on Windows can unintentionally forward traffic to local processes \nlistening on the same port (\"spec.ports[*].port\") as a LoadBalancer \nService when the LoadBalancer controller\n does not set the \"status.loadBalancer.ingress[].ip\" field. Clusters \nwhere the LoadBalancer controller sets the \n\"status.loadBalancer.ingress[].ip\" field are unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-25736",
"url": "https://www.suse.com/security/cve/CVE-2021-25736"
},
{
"category": "external",
"summary": "SUSE Bug 1185894 for CVE-2021-25736",
"url": "https://bugzilla.suse.com/1185894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-25736"
},
{
"cve": "CVE-2021-25737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-25737"
}
],
"notes": [
{
"category": "general",
"text": "A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-25737",
"url": "https://www.suse.com/security/cve/CVE-2021-25737"
},
{
"category": "external",
"summary": "SUSE Bug 1185503 for CVE-2021-25737",
"url": "https://bugzilla.suse.com/1185503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-25737"
},
{
"cve": "CVE-2021-25741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-25741"
}
],
"notes": [
{
"category": "general",
"text": "A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files \u0026 directories outside of the volume, including on the host filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-25741",
"url": "https://www.suse.com/security/cve/CVE-2021-25741"
},
{
"category": "external",
"summary": "SUSE Bug 1189416 for CVE-2021-25741",
"url": "https://bugzilla.suse.com/1189416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-25741"
},
{
"cve": "CVE-2021-25743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-25743"
}
],
"notes": [
{
"category": "general",
"text": "kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-25743",
"url": "https://www.suse.com/security/cve/CVE-2021-25743"
},
{
"category": "external",
"summary": "SUSE Bug 1194400 for CVE-2021-25743",
"url": "https://bugzilla.suse.com/1194400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-25743"
},
{
"cve": "CVE-2021-30465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30465"
}
],
"notes": [
{
"category": "general",
"text": "runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30465",
"url": "https://www.suse.com/security/cve/CVE-2021-30465"
},
{
"category": "external",
"summary": "SUSE Bug 1185405 for CVE-2021-30465",
"url": "https://bugzilla.suse.com/1185405"
},
{
"category": "external",
"summary": "SUSE Bug 1189161 for CVE-2021-30465",
"url": "https://bugzilla.suse.com/1189161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-30465"
},
{
"cve": "CVE-2022-29162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29162"
}
],
"notes": [
{
"category": "general",
"text": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container\u0027s bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29162",
"url": "https://www.suse.com/security/cve/CVE-2022-29162"
},
{
"category": "external",
"summary": "SUSE Bug 1199460 for CVE-2022-29162",
"url": "https://bugzilla.suse.com/1199460"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-29162"
},
{
"cve": "CVE-2022-29177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29177"
}
],
"notes": [
{
"category": "general",
"text": "Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that addresses the problem. As a workaround, setting loglevel to default level (`INFO`) makes the node not vulnerable to this attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29177",
"url": "https://www.suse.com/security/cve/CVE-2022-29177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-29177"
},
{
"cve": "CVE-2022-3162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3162"
}
],
"notes": [
{
"category": "general",
"text": "Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3162",
"url": "https://www.suse.com/security/cve/CVE-2022-3162"
},
{
"category": "external",
"summary": "SUSE Bug 1204388 for CVE-2022-3162",
"url": "https://bugzilla.suse.com/1204388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-3162"
},
{
"cve": "CVE-2022-3294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3294"
}
],
"notes": [
{
"category": "general",
"text": "Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server\u0027s private network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3294",
"url": "https://www.suse.com/security/cve/CVE-2022-3294"
},
{
"category": "external",
"summary": "SUSE Bug 1204387 for CVE-2022-3294",
"url": "https://bugzilla.suse.com/1204387"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-3294"
},
{
"cve": "CVE-2023-2431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2431"
}
],
"notes": [
{
"category": "general",
"text": "A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2431",
"url": "https://www.suse.com/security/cve/CVE-2023-2431"
},
{
"category": "external",
"summary": "SUSE Bug 1212493 for CVE-2023-2431",
"url": "https://bugzilla.suse.com/1212493"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2023-2431"
},
{
"cve": "CVE-2023-25809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-25809"
}
],
"notes": [
{
"category": "general",
"text": "runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes `/sys/fs/cgroup` writable in following conditons: 1. when runc is executed inside the user namespace, and the `config.json` does not specify the cgroup namespace to be unshared (e.g.., `(docker|podman|nerdctl) run --cgroupns=host`, with Rootless Docker/Podman/nerdctl) or 2. when runc is executed outside the user namespace, and `/sys` is mounted with `rbind, ro` (e.g., `runc spec --rootless`; this condition is very rare). A container may gain the write access to user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host . Other users\u0027s cgroup hierarchies are not affected. Users are advised to upgrade to version 1.1.5. Users unable to upgrade may unshare the cgroup namespace (`(docker|podman|nerdctl) run --cgroupns=private)`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts. or add `/sys/fs/cgroup` to `maskedPaths`.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-25809",
"url": "https://www.suse.com/security/cve/CVE-2023-25809"
},
{
"category": "external",
"summary": "SUSE Bug 1209884 for CVE-2023-25809",
"url": "https://bugzilla.suse.com/1209884"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-25809"
},
{
"cve": "CVE-2023-2727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2727"
}
],
"notes": [
{
"category": "general",
"text": "Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2727",
"url": "https://www.suse.com/security/cve/CVE-2023-2727"
},
{
"category": "external",
"summary": "SUSE Bug 1211630 for CVE-2023-2727",
"url": "https://bugzilla.suse.com/1211630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-2727"
},
{
"cve": "CVE-2023-2728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2728"
}
],
"notes": [
{
"category": "general",
"text": "Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account\u0027s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2728",
"url": "https://www.suse.com/security/cve/CVE-2023-2728"
},
{
"category": "external",
"summary": "SUSE Bug 1211631 for CVE-2023-2728",
"url": "https://bugzilla.suse.com/1211631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-2728"
},
{
"cve": "CVE-2023-27561",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-27561"
}
],
"notes": [
{
"category": "general",
"text": "runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-27561",
"url": "https://www.suse.com/security/cve/CVE-2023-27561"
},
{
"category": "external",
"summary": "SUSE Bug 1208962 for CVE-2023-27561",
"url": "https://bugzilla.suse.com/1208962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-27561"
},
{
"cve": "CVE-2023-28642",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28642"
}
],
"notes": [
{
"category": "general",
"text": "runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28642",
"url": "https://www.suse.com/security/cve/CVE-2023-28642"
},
{
"category": "external",
"summary": "SUSE Bug 1209888 for CVE-2023-28642",
"url": "https://bugzilla.suse.com/1209888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-28642"
},
{
"cve": "CVE-2023-5528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5528"
}
],
"notes": [
{
"category": "general",
"text": "A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5528",
"url": "https://www.suse.com/security/cve/CVE-2023-5528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-5528"
},
{
"cve": "CVE-2024-45310",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45310"
}
],
"notes": [
{
"category": "general",
"text": "runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers and exploiting a race with `os.MkdirAll`. While this could be used to create empty files, existing files would not be truncated. An attacker must have the ability to start containers using some kind of custom volume configuration. Containers using user namespaces are still affected, but the scope of places an attacker can create inodes can be significantly reduced. Sufficiently strict LSM policies (SELinux/Apparmor) can also in principle block this attack -- we suspect the industry standard SELinux policy may restrict this attack\u0027s scope but the exact scope of protection hasn\u0027t been analysed. This is exploitable using runc directly as well as through Docker and Kubernetes. The issue is fixed in runc v1.1.14 and v1.2.0-rc3.\n\nSome workarounds are available. Using user namespaces restricts this attack fairly significantly such that the attacker can only create inodes in directories that the remapped root user/group has write access to. Unless the root user is remapped to an actual\nuser on the host (such as with rootless containers that don\u0027t use `/etc/sub[ug]id`), this in practice means that an attacker would only be able to create inodes in world-writable directories. A strict enough SELinux or AppArmor policy could in principle also restrict the scope if a specific label is applied to the runc runtime, though neither the extent to which the standard existing policies block this attack nor what exact policies are needed to sufficiently restrict this attack have been thoroughly tested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45310",
"url": "https://www.suse.com/security/cve/CVE-2024-45310"
},
{
"category": "external",
"summary": "SUSE Bug 1230092 for CVE-2024-45310",
"url": "https://bugzilla.suse.com/1230092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2024-45310"
},
{
"cve": "CVE-2024-5321",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-5321"
}
],
"notes": [
{
"category": "general",
"text": "A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\\Users may be able to read container logs and NT AUTHORITY\\Authenticated Users may be able to modify container logs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-5321",
"url": "https://www.suse.com/security/cve/CVE-2024-5321"
},
{
"category": "external",
"summary": "SUSE Bug 1225420 for CVE-2024-5321",
"url": "https://bugzilla.suse.com/1225420"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-5321"
},
{
"cve": "CVE-2025-3445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3445"
}
],
"notes": [
{
"category": "general",
"text": "A Path Traversal \"Zip Slip\" vulnerability has been identified in mholt/archiver in Go. This vulnerability allows using a crafted ZIP file containing path traversal symlinks to create or overwrite files with the user\u0027s privileges or application utilizing the library.\n\nWhen using the archiver.Unarchive functionality with ZIP files, like this: archiver.Unarchive(zipFile, outputDir), A crafted ZIP file can be extracted in such a way that it writes files to the affected system with the same privileges as the application executing this vulnerable functionality. Consequently, sensitive files may be overwritten, potentially leading to privilege escalation, code execution, and other severe outcomes in some cases.\n\nIt\u0027s worth noting that a similar vulnerability was found in TAR files (CVE-2024-0406). Although a fix was implemented, it hasn\u0027t been officially released, and the affected project has since been deprecated. The successor to mholt/archiver is a new project called mholt/archives, and its initial release (v0.1.0) removes the Unarchive() functionality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3445",
"url": "https://www.suse.com/security/cve/CVE-2025-3445"
},
{
"category": "external",
"summary": "SUSE Bug 1241242 for CVE-2025-3445",
"url": "https://bugzilla.suse.com/1241242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-3445"
},
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
},
{
"cve": "CVE-2025-47908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47908"
}
],
"notes": [
{
"category": "general",
"text": "Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47908",
"url": "https://www.suse.com/security/cve/CVE-2025-47908"
},
{
"category": "external",
"summary": "SUSE Bug 1247746 for CVE-2025-47908",
"url": "https://bugzilla.suse.com/1247746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.aarch64",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.ppc64le",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.s390x",
"openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250807T150727-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47908"
}
]
}
opensuse-su-2025:15422-1
Vulnerability from csaf_opensuse
Published
2025-08-08 00:00
Modified
2025-08-08 00:00
Summary
go1.23-1.23.12-1.1 on GA media
Notes
Title of the patch
go1.23-1.23.12-1.1 on GA media
Description of the patch
These are all security issues fixed in the go1.23-1.23.12-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15422
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.23-1.23.12-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.23-1.23.12-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15422",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15422-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
}
],
"title": "go1.23-1.23.12-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-08T00:00:00Z",
"generator": {
"date": "2025-08-08T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15422-1",
"initial_release_date": "2025-08-08T00:00:00Z",
"revision_history": [
{
"date": "2025-08-08T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.23-1.23.12-1.1.aarch64",
"product": {
"name": "go1.23-1.23.12-1.1.aarch64",
"product_id": "go1.23-1.23.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-doc-1.23.12-1.1.aarch64",
"product": {
"name": "go1.23-doc-1.23.12-1.1.aarch64",
"product_id": "go1.23-doc-1.23.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-libstd-1.23.12-1.1.aarch64",
"product": {
"name": "go1.23-libstd-1.23.12-1.1.aarch64",
"product_id": "go1.23-libstd-1.23.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-race-1.23.12-1.1.aarch64",
"product": {
"name": "go1.23-race-1.23.12-1.1.aarch64",
"product_id": "go1.23-race-1.23.12-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-1.23.12-1.1.ppc64le",
"product": {
"name": "go1.23-1.23.12-1.1.ppc64le",
"product_id": "go1.23-1.23.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-doc-1.23.12-1.1.ppc64le",
"product": {
"name": "go1.23-doc-1.23.12-1.1.ppc64le",
"product_id": "go1.23-doc-1.23.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-libstd-1.23.12-1.1.ppc64le",
"product": {
"name": "go1.23-libstd-1.23.12-1.1.ppc64le",
"product_id": "go1.23-libstd-1.23.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-race-1.23.12-1.1.ppc64le",
"product": {
"name": "go1.23-race-1.23.12-1.1.ppc64le",
"product_id": "go1.23-race-1.23.12-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-1.23.12-1.1.s390x",
"product": {
"name": "go1.23-1.23.12-1.1.s390x",
"product_id": "go1.23-1.23.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-doc-1.23.12-1.1.s390x",
"product": {
"name": "go1.23-doc-1.23.12-1.1.s390x",
"product_id": "go1.23-doc-1.23.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-libstd-1.23.12-1.1.s390x",
"product": {
"name": "go1.23-libstd-1.23.12-1.1.s390x",
"product_id": "go1.23-libstd-1.23.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-race-1.23.12-1.1.s390x",
"product": {
"name": "go1.23-race-1.23.12-1.1.s390x",
"product_id": "go1.23-race-1.23.12-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-1.23.12-1.1.x86_64",
"product": {
"name": "go1.23-1.23.12-1.1.x86_64",
"product_id": "go1.23-1.23.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-doc-1.23.12-1.1.x86_64",
"product": {
"name": "go1.23-doc-1.23.12-1.1.x86_64",
"product_id": "go1.23-doc-1.23.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-libstd-1.23.12-1.1.x86_64",
"product": {
"name": "go1.23-libstd-1.23.12-1.1.x86_64",
"product_id": "go1.23-libstd-1.23.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-race-1.23.12-1.1.x86_64",
"product": {
"name": "go1.23-race-1.23.12-1.1.x86_64",
"product_id": "go1.23-race-1.23.12-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-1.23.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-1.23.12-1.1.aarch64"
},
"product_reference": "go1.23-1.23.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-1.23.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-1.23.12-1.1.ppc64le"
},
"product_reference": "go1.23-1.23.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-1.23.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-1.23.12-1.1.s390x"
},
"product_reference": "go1.23-1.23.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-1.23.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-1.23.12-1.1.x86_64"
},
"product_reference": "go1.23-1.23.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-doc-1.23.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.aarch64"
},
"product_reference": "go1.23-doc-1.23.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-doc-1.23.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.ppc64le"
},
"product_reference": "go1.23-doc-1.23.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-doc-1.23.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.s390x"
},
"product_reference": "go1.23-doc-1.23.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-doc-1.23.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.x86_64"
},
"product_reference": "go1.23-doc-1.23.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-libstd-1.23.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.aarch64"
},
"product_reference": "go1.23-libstd-1.23.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-libstd-1.23.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.ppc64le"
},
"product_reference": "go1.23-libstd-1.23.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-libstd-1.23.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.s390x"
},
"product_reference": "go1.23-libstd-1.23.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-libstd-1.23.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.x86_64"
},
"product_reference": "go1.23-libstd-1.23.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-race-1.23.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.aarch64"
},
"product_reference": "go1.23-race-1.23.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-race-1.23.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.ppc64le"
},
"product_reference": "go1.23-race-1.23.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-race-1.23.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.s390x"
},
"product_reference": "go1.23-race-1.23.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-race-1.23.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.x86_64"
},
"product_reference": "go1.23-race-1.23.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47906"
}
],
"notes": [
{
"category": "general",
"text": "If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47906",
"url": "https://www.suse.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "SUSE Bug 1247719 for CVE-2025-47906",
"url": "https://bugzilla.suse.com/1247719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47906"
},
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-doc-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-libstd-1.23.12-1.1.x86_64",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.aarch64",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.ppc64le",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.s390x",
"openSUSE Tumbleweed:go1.23-race-1.23.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
}
]
}
opensuse-su-2025:15466-1
Vulnerability from csaf_opensuse
Published
2025-08-19 00:00
Modified
2025-08-19 00:00
Summary
polaris-10.1.1-1.1 on GA media
Notes
Title of the patch
polaris-10.1.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the polaris-10.1.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15466
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "polaris-10.1.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the polaris-10.1.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15466",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15466-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
}
],
"title": "polaris-10.1.1-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-19T00:00:00Z",
"generator": {
"date": "2025-08-19T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15466-1",
"initial_release_date": "2025-08-19T00:00:00Z",
"revision_history": [
{
"date": "2025-08-19T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "polaris-10.1.1-1.1.aarch64",
"product": {
"name": "polaris-10.1.1-1.1.aarch64",
"product_id": "polaris-10.1.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "polaris-bash-completion-10.1.1-1.1.aarch64",
"product": {
"name": "polaris-bash-completion-10.1.1-1.1.aarch64",
"product_id": "polaris-bash-completion-10.1.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "polaris-fish-completion-10.1.1-1.1.aarch64",
"product": {
"name": "polaris-fish-completion-10.1.1-1.1.aarch64",
"product_id": "polaris-fish-completion-10.1.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "polaris-zsh-completion-10.1.1-1.1.aarch64",
"product": {
"name": "polaris-zsh-completion-10.1.1-1.1.aarch64",
"product_id": "polaris-zsh-completion-10.1.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "polaris-10.1.1-1.1.ppc64le",
"product": {
"name": "polaris-10.1.1-1.1.ppc64le",
"product_id": "polaris-10.1.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "polaris-bash-completion-10.1.1-1.1.ppc64le",
"product": {
"name": "polaris-bash-completion-10.1.1-1.1.ppc64le",
"product_id": "polaris-bash-completion-10.1.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "polaris-fish-completion-10.1.1-1.1.ppc64le",
"product": {
"name": "polaris-fish-completion-10.1.1-1.1.ppc64le",
"product_id": "polaris-fish-completion-10.1.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "polaris-zsh-completion-10.1.1-1.1.ppc64le",
"product": {
"name": "polaris-zsh-completion-10.1.1-1.1.ppc64le",
"product_id": "polaris-zsh-completion-10.1.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "polaris-10.1.1-1.1.s390x",
"product": {
"name": "polaris-10.1.1-1.1.s390x",
"product_id": "polaris-10.1.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "polaris-bash-completion-10.1.1-1.1.s390x",
"product": {
"name": "polaris-bash-completion-10.1.1-1.1.s390x",
"product_id": "polaris-bash-completion-10.1.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "polaris-fish-completion-10.1.1-1.1.s390x",
"product": {
"name": "polaris-fish-completion-10.1.1-1.1.s390x",
"product_id": "polaris-fish-completion-10.1.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "polaris-zsh-completion-10.1.1-1.1.s390x",
"product": {
"name": "polaris-zsh-completion-10.1.1-1.1.s390x",
"product_id": "polaris-zsh-completion-10.1.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "polaris-10.1.1-1.1.x86_64",
"product": {
"name": "polaris-10.1.1-1.1.x86_64",
"product_id": "polaris-10.1.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "polaris-bash-completion-10.1.1-1.1.x86_64",
"product": {
"name": "polaris-bash-completion-10.1.1-1.1.x86_64",
"product_id": "polaris-bash-completion-10.1.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "polaris-fish-completion-10.1.1-1.1.x86_64",
"product": {
"name": "polaris-fish-completion-10.1.1-1.1.x86_64",
"product_id": "polaris-fish-completion-10.1.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "polaris-zsh-completion-10.1.1-1.1.x86_64",
"product": {
"name": "polaris-zsh-completion-10.1.1-1.1.x86_64",
"product_id": "polaris-zsh-completion-10.1.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-10.1.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-10.1.1-1.1.aarch64"
},
"product_reference": "polaris-10.1.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-10.1.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-10.1.1-1.1.ppc64le"
},
"product_reference": "polaris-10.1.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-10.1.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-10.1.1-1.1.s390x"
},
"product_reference": "polaris-10.1.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-10.1.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-10.1.1-1.1.x86_64"
},
"product_reference": "polaris-10.1.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-bash-completion-10.1.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.aarch64"
},
"product_reference": "polaris-bash-completion-10.1.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-bash-completion-10.1.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.ppc64le"
},
"product_reference": "polaris-bash-completion-10.1.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-bash-completion-10.1.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.s390x"
},
"product_reference": "polaris-bash-completion-10.1.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-bash-completion-10.1.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.x86_64"
},
"product_reference": "polaris-bash-completion-10.1.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-fish-completion-10.1.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.aarch64"
},
"product_reference": "polaris-fish-completion-10.1.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-fish-completion-10.1.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.ppc64le"
},
"product_reference": "polaris-fish-completion-10.1.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-fish-completion-10.1.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.s390x"
},
"product_reference": "polaris-fish-completion-10.1.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-fish-completion-10.1.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.x86_64"
},
"product_reference": "polaris-fish-completion-10.1.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-zsh-completion-10.1.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.aarch64"
},
"product_reference": "polaris-zsh-completion-10.1.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-zsh-completion-10.1.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.ppc64le"
},
"product_reference": "polaris-zsh-completion-10.1.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-zsh-completion-10.1.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.s390x"
},
"product_reference": "polaris-zsh-completion-10.1.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polaris-zsh-completion-10.1.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.x86_64"
},
"product_reference": "polaris-zsh-completion-10.1.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:polaris-10.1.1-1.1.aarch64",
"openSUSE Tumbleweed:polaris-10.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:polaris-10.1.1-1.1.s390x",
"openSUSE Tumbleweed:polaris-10.1.1-1.1.x86_64",
"openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.aarch64",
"openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.s390x",
"openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.x86_64",
"openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.aarch64",
"openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.s390x",
"openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.x86_64",
"openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.aarch64",
"openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.s390x",
"openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:polaris-10.1.1-1.1.aarch64",
"openSUSE Tumbleweed:polaris-10.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:polaris-10.1.1-1.1.s390x",
"openSUSE Tumbleweed:polaris-10.1.1-1.1.x86_64",
"openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.aarch64",
"openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.s390x",
"openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.x86_64",
"openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.aarch64",
"openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.s390x",
"openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.x86_64",
"openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.aarch64",
"openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.s390x",
"openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:polaris-10.1.1-1.1.aarch64",
"openSUSE Tumbleweed:polaris-10.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:polaris-10.1.1-1.1.s390x",
"openSUSE Tumbleweed:polaris-10.1.1-1.1.x86_64",
"openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.aarch64",
"openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.s390x",
"openSUSE Tumbleweed:polaris-bash-completion-10.1.1-1.1.x86_64",
"openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.aarch64",
"openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.s390x",
"openSUSE Tumbleweed:polaris-fish-completion-10.1.1-1.1.x86_64",
"openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.aarch64",
"openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.s390x",
"openSUSE Tumbleweed:polaris-zsh-completion-10.1.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-19T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
}
]
}
suse-su-2025:02837-1
Vulnerability from csaf_suse
Published
2025-08-18 08:35
Modified
2025-08-18 08:35
Summary
Security update for go1.24-openssl
Notes
Title of the patch
Security update for go1.24-openssl
Description of the patch
This update for go1.24-openssl fixes the following issues:
Updated to go1.24.6 (released 2025-08-06) (bsc#1236217):
- CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go (bsc#1246118)
- CVE-2025-47906: Fixed incorrect expansion of '', '.' and '..' in some PATH configurations in LookPath in osc/exec (bsc#1247719)
- CVE-2025-47907: Fixed incorrect results returned from Rows.Scan in database/sql (bsc#1247720)
Updated to version 1.24.6 cut from the go1.24-fips-release
branch at the revision tagged go1.24.6-1-openssl-fips. (jsc#SLE-18320)
- Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil
salt to be passed as a hash length buffer of zeros.
Other fixes:
- cmd/compile: regression on ppc64le bit operations
- cmd/go: crash on unknown GOEXPERIMENT during toolchain selection
- cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN
- internal/trace: stress tests triggering suspected deadlock in tracer
- os/user:nolibgcc: TestGroupIdsTestUser failures
- runtime/pprof: crash 'cannot read stack of running goroutine' in goroutine profile
- runtime: RSS seems to have increased in Go 1.24 while the runtime accounting has not
- runtime: bad frame pointer during panic during duffcopy
- runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning
- runtime: memlock not unlocked in all control flow paths in sysReserveAlignedSbrk
- runtime: segfaults in runtime.(*unwinder).next
- runtime: use-after-free of allpSnapshot in findRunnable
Patchnames
SUSE-2025-2837,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2837,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2837,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2837,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2837,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2837,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2837,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2837,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2837,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2837,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2837,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2837,SUSE-Storage-7.1-2025-2837
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.24-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.24-openssl fixes the following issues:\n\nUpdated to go1.24.6 (released 2025-08-06) (bsc#1236217):\n - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go (bsc#1246118)\n - CVE-2025-47906: Fixed incorrect expansion of \u0027\u0027, \u0027.\u0027 and \u0027..\u0027 in some PATH configurations in LookPath in osc/exec (bsc#1247719)\n - CVE-2025-47907: Fixed incorrect results returned from Rows.Scan in database/sql (bsc#1247720)\n\nUpdated to version 1.24.6 cut from the go1.24-fips-release\nbranch at the revision tagged go1.24.6-1-openssl-fips. (jsc#SLE-18320)\n- Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil\n salt to be passed as a hash length buffer of zeros.\n \nOther fixes:\n - cmd/compile: regression on ppc64le bit operations\n - cmd/go: crash on unknown GOEXPERIMENT during toolchain selection\n - cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN\n - internal/trace: stress tests triggering suspected deadlock in tracer\n - os/user:nolibgcc: TestGroupIdsTestUser failures\n - runtime/pprof: crash \u0027cannot read stack of running goroutine\u0027 in goroutine profile\n - runtime: RSS seems to have increased in Go 1.24 while the runtime accounting has not\n - runtime: bad frame pointer during panic during duffcopy\n - runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning\n - runtime: memlock not unlocked in all control flow paths in sysReserveAlignedSbrk\n - runtime: segfaults in runtime.(*unwinder).next\n - runtime: use-after-free of allpSnapshot in findRunnable\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2837,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2837,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2837,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2837,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2837,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2837,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2837,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2837,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2837,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2837,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2837,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2837,SUSE-Storage-7.1-2025-2837",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02837-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02837-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502837-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02837-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041246.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236217",
"url": "https://bugzilla.suse.com/1236217"
},
{
"category": "self",
"summary": "SUSE Bug 1246118",
"url": "https://bugzilla.suse.com/1246118"
},
{
"category": "self",
"summary": "SUSE Bug 1247719",
"url": "https://bugzilla.suse.com/1247719"
},
{
"category": "self",
"summary": "SUSE Bug 1247720",
"url": "https://bugzilla.suse.com/1247720"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4674 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
}
],
"title": "Security update for go1.24-openssl",
"tracking": {
"current_release_date": "2025-08-18T08:35:56Z",
"generator": {
"date": "2025-08-18T08:35:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02837-1",
"initial_release_date": "2025-08-18T08:35:56Z",
"revision_history": [
{
"date": "2025-08-18T08:35:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"product": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"product_id": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"product_id": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"product": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"product_id": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150000.1.12.1.i586",
"product": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.i586",
"product_id": "go1.24-openssl-1.24.6-150000.1.12.1.i586"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.i586",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.i586",
"product_id": "go1.24-openssl-doc-1.24.6-150000.1.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"product": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"product_id": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"product_id": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"product": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"product_id": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"product": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"product_id": "go1.24-openssl-1.24.6-150000.1.12.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"product_id": "go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"product": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"product_id": "go1.24-openssl-race-1.24.6-150000.1.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"product": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"product_id": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"product_id": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"product": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"product_id": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4674"
}
],
"notes": [
{
"category": "general",
"text": "The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. via \"go get\", are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4674",
"url": "https://www.suse.com/security/cve/CVE-2025-4674"
},
{
"category": "external",
"summary": "SUSE Bug 1246118 for CVE-2025-4674",
"url": "https://bugzilla.suse.com/1246118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T08:35:56Z",
"details": "important"
}
],
"title": "CVE-2025-4674"
},
{
"cve": "CVE-2025-47906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47906"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47906",
"url": "https://www.suse.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "SUSE Bug 1247719 for CVE-2025-47906",
"url": "https://bugzilla.suse.com/1247719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T08:35:56Z",
"details": "moderate"
}
],
"title": "CVE-2025-47906"
},
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-doc-1.24.6-150000.1.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-openssl-race-1.24.6-150000.1.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T08:35:56Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
}
]
}
suse-su-2025:03159-1
Vulnerability from csaf_suse
Published
2025-09-11 03:05
Modified
2025-09-11 03:05
Summary
Security update for go1.23-openssl
Notes
Title of the patch
Security update for go1.23-openssl
Description of the patch
This update for go1.23-openssl fixes the following issues:
Update to version 1.23.12 cut from the go1.23-fips-release branch at
the revision tagged go1.23.12-1-openssl-fips. ( jsc#SLE-18320)
* Rebase to 1.23.12
* Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil
salt to be passed as a hash length buffer of zeros.
Packaging improvements:
* Update go_bootstrap_version to go1.21 from go1.20 to shorten
the bootstrap chain. go1.21 can optionally be bootstrapped with
gccgo and serve as the inital version of go1.x.
* Refs boo#1247816 bootstrap go1.21 with gccgo
go1.23.12 (released 2025-08-06) includes security fixes to the
database/sql and os/exec packages, as well as bug fixes to the
runtime.
CVE-2025-47906 CVE-2025-47907:
* go#74803 go#74466 boo#1247719 security: fix CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of '', '.' and '..' in some PATH configurations
* go#74832 go#74831 boo#1247720 security: fix CVE-2025-47907 database/sql: incorrect results returned from Rows.Scan
* go#74415 runtime: use-after-free of allpSnapshot in findRunnable
* go#74693 runtime: segfaults in runtime.(*unwinder).next
* go#74721 cmd/go: TestScript/build_trimpath_cgo fails to decode dwarf on release-branch.go1.23
* go#74726 cmd/cgo/internal/testsanitizers: failures with signal: segmentation fault or exit status 66
go1.23.11 (released 2025-07-08) includes security fixes to the go
command, as well as bug fixes to the compiler, the linker, and
the runtime.
CVE-2025-4674:
* go#74382 go#74380 boo#1246118 security: fix CVE-2025-4674 cmd/go: disable support for multiple vcs in one module
* go#73907 runtime: bad frame pointer during panic during duffcopy
* go#74289 runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning
* go#74293 internal/trace: stress tests triggering suspected deadlock in tracer
* go#74362 runtime/pprof: crash 'cannot read stack of running goroutine' in goroutine profile
* go#74402 cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN
go1.23.10 (released 2025-06-05) includes security fixes to the
net/http and os packages, as well as bug fixes to the linker. (boo#1229122 go1.23 release tracking)
CVE-2025-0913 CVE-2025-4673:
* go#73719 go#73612 boo#1244157 security: fix CVE-2025-0913 os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows
* go#73905 go#73816 boo#1244156 security: fix CVE-2025-4673 net/http: sensitive headers not cleared on cross-origin redirect
* go#73677 runtime/debug: BuildSetting does not document DefaultGODEBUG
* go#73831 cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen
go1.23.9 (released 2025-05-06) includes fixes to the runtime and
the linker. (boo#1229122 go1.23 release tracking)
* go#73091 cmd/link: linkname directive on userspace variable can override runtime variable
* go#73380 runtime, x/sys/unix: Connectx is broken on darwin/amd64
go1.23.8 (released 2025-04-01) includes security fixes to the
net/http package, as well as bug fixes to the runtime and the go
command.
CVE-2025-22871:
* go#72010 go#71988 boo#1240550 security: fix CVE-2025-22871 net/http: reject bare LF in chunked encoding
* go#72114 runtime: process hangs for mips hardware
* go#72871 runtime: cgo callback on extra M treated as external code after nested cgo callback returns
* go#72937 internal/godebugs: winsymlink and winreadlinkvolume have incorrect defaults for Go 1.22
go1.23.7 (released 2025-03-04) includes security fixes to the
net/http package, as well as bug fixes to cgo, the compiler, and
the reflect, runtime, and syscall packages.
CVE-2025-22870:
* go#71985 go#71984 boo#1238572 security: fix CVE-2025-22870 net/http, x/net/proxy, x/net/http/httpproxy: proxy bypass using IPv6 zone IDs
* go#71727 runtime: usleep computes wrong tv_nsec on s390x
* go#71839 runtime: recover added in range-over-func loop body doesn't stop panic propagation / segfaults printing error
* go#71848 os: spurious SIGCHILD on running child process
* go#71875 reflect: Value.Seq panicking on functional iterator methods
* go#71915 reflect: Value.Seq iteration value types not matching the type of given int types
* go#71962 runtime/cgo: does not build with -Wdeclaration-after-statement
go1.23.6 (released 2025-02-04) includes security fixes to the
crypto/elliptic package, as well as bug fixes to the compiler and
the go command.
CVE-2025-22866
* go#71423 go#71383 boo#1236801 security: fix CVE-2025-22866 crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le
* go#71263 cmd/go/internal/modfetch/codehost: test fails with git 2.47.1
* go#71230 cmd/compile: broken write barrier
go1.23.5 (released 2025-01-16) includes security fixes to the
crypto/x509 and net/http packages, as well as bug fixes to the
compiler, the runtime, and the net package.
CVE-2024-45341 CVE-2024-45336:
* go#71208 go#71156 boo#1236045 security: fix CVE-2024-45341 crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints
* go#71211 go#70530 boo#1236046 security: fix CVE-2024-45336 net/http: sensitive headers incorrectly sent after cross-domain redirect
* go#69988 runtime: severe performance drop for cgo calls in go1.22.5
* go#70517 cmd/compile/internal/importer: flip enable alias to true
* go#70789 os: io.Copy(net.Conn, os.Stdin) on MacOS terminate immediately without waiting for input
* go#71104 crypto/tls: TestVerifyConnection/TLSv12 failures
* go#71147 internal/trace: TestTraceCPUProfile/Stress failures
go1.23.4 (released 2024-12-03) includes fixes to the compiler,
the runtime, the trace command, and the syscall package.
* go#70644 crypto/rsa: new key generation prohibitively slow under race detector
* go#70645 proposal: go/types: add Scope.Node convenience getter
* go#70646 x/tools/gopls: unimported completion corrupts import decl (client=BBEdit)
* go#70648 crypto/tls: TestHandshakeClientECDHEECDSAAESGCM/TLSv12 failures
* go#70649 x/benchmarks/sweet/cmd/sweet: TestSweetEndToEnd failures
* go#70650 crypto/tls: TestGetClientCertificate/TLSv13 failures
* go#70651 x/tools/go/gcexportdata: simplify implementation assuming go >= 1.21
* go#70654 cmd/go: Incorrect output from go list
* go#70655 x/build/cmd/relui: add workflows for some remaining manual recurring Go major release cycle tasks
* go#70657 proposal: bufio: Scanner.IterText/Scanner.IterBytes
* go#70658 x/net/http2: stuck extended CONNECT requests
* go#70659 os: TestRootDirFS failures on linux-mips64 and linux-mips64le arch-mips
* go#70660 crypto/ecdsa: TestRFC6979 failures on s390x
* go#70664 x/mobile: target maccatalyst cannot find OpenGLES header
* go#70665 x/tools/gopls: refactor.extract.variable fails at package level
* go#70666 x/tools/gopls: panic in GetIfaceStubInfo
* go#70667 proposal: crypto/x509: support extracting X25519 public keys from certificates
* go#70668 proposal: x/mobile: better support for unrecovered panics
* go#70669 cmd/go: local failure in TestScript/build_trimpath_cgo
* go#70670 cmd/link: unused functions aren't getting deadcoded from the binary
* go#70674 x/pkgsite: package removal request for https://pkg.go.dev/github.com/uisdevsquad/go-test/debugmate
* go#70675 cmd/go/internal/lockedfile: mountrpc flake in TestTransform on plan9
* go#70677 all: remote file server I/O flakiness with 'Bad fid' errors on plan9
* go#70678 internal/poll: deadlock on 'Intel(R) Xeon(R) Platinum' when an FD is closed
* go#70679 mime/multipart: With go 1.23.3, mime/multipart does not link
Update to version 1.23.2.3 cut from the go1.23-fips-release
branch at the revision tagged go1.23.2-3-openssl-fips. ( jsc#SLE-18320)
* Add negative tests for openssl (#243)
go1.23.3 (released 2024-11-06) includes fixes to the linker, the runtime, and the net/http, os, and syscall packages.
* go#69258 runtime: corrupted GoroutineProfile stack traces
* go#69259 runtime: multi-arch build via qemu fails to exec go binary
* go#69640 os: os.checkPidfd() crashes with SIGSYS
* go#69746 runtime: TestGdbAutotmpTypes failures
* go#69848 cmd/compile: syscall.Syscall15: nosplit stack over 792 byte limit
* go#69865 runtime: MutexProfile missing root frames in go1.23
* go#69882 time,runtime: too many concurrent timer firings for short time.Ticker
* go#69978 time,runtime: too many concurrent timer firings for short, fast-resetting time.Timer
* go#69992 cmd/link: LC_UUID not generated by go linker, resulting in failure to access local network on macOS 15
* go#70001 net/http/pprof: coroutines + pprof makes the program panic
* go#70020 net/http: short writes with FileServer on macos
Patchnames
SUSE-2025-3159,SUSE-SLE-Module-Development-Tools-15-SP6-2025-3159,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3159,openSUSE-SLE-15.6-2025-3159
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.23-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for go1.23-openssl fixes the following issues:\n\nUpdate to version 1.23.12 cut from the go1.23-fips-release branch at\nthe revision tagged go1.23.12-1-openssl-fips. ( jsc#SLE-18320)\n\n * Rebase to 1.23.12\n * Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil\n salt to be passed as a hash length buffer of zeros.\n\nPackaging improvements:\n\n * Update go_bootstrap_version to go1.21 from go1.20 to shorten\n the bootstrap chain. go1.21 can optionally be bootstrapped with\n gccgo and serve as the inital version of go1.x.\n * Refs boo#1247816 bootstrap go1.21 with gccgo\n\ngo1.23.12 (released 2025-08-06) includes security fixes to the\ndatabase/sql and os/exec packages, as well as bug fixes to the\nruntime.\n\nCVE-2025-47906 CVE-2025-47907:\n * go#74803 go#74466 boo#1247719 security: fix CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of \u0027\u0027, \u0027.\u0027 and \u0027..\u0027 in some PATH configurations\n * go#74832 go#74831 boo#1247720 security: fix CVE-2025-47907 database/sql: incorrect results returned from Rows.Scan\n\n * go#74415 runtime: use-after-free of allpSnapshot in findRunnable\n * go#74693 runtime: segfaults in runtime.(*unwinder).next\n * go#74721 cmd/go: TestScript/build_trimpath_cgo fails to decode dwarf on release-branch.go1.23\n * go#74726 cmd/cgo/internal/testsanitizers: failures with signal: segmentation fault or exit status 66\n\ngo1.23.11 (released 2025-07-08) includes security fixes to the go\ncommand, as well as bug fixes to the compiler, the linker, and\nthe runtime.\n\nCVE-2025-4674:\n * go#74382 go#74380 boo#1246118 security: fix CVE-2025-4674 cmd/go: disable support for multiple vcs in one module\n\n * go#73907 runtime: bad frame pointer during panic during duffcopy\n * go#74289 runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning\n * go#74293 internal/trace: stress tests triggering suspected deadlock in tracer\n * go#74362 runtime/pprof: crash \u0027cannot read stack of running goroutine\u0027 in goroutine profile\n * go#74402 cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN\n\ngo1.23.10 (released 2025-06-05) includes security fixes to the\nnet/http and os packages, as well as bug fixes to the linker. (boo#1229122 go1.23 release tracking)\n\nCVE-2025-0913 CVE-2025-4673:\n * go#73719 go#73612 boo#1244157 security: fix CVE-2025-0913 os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows\n * go#73905 go#73816 boo#1244156 security: fix CVE-2025-4673 net/http: sensitive headers not cleared on cross-origin redirect\n\n * go#73677 runtime/debug: BuildSetting does not document DefaultGODEBUG\n * go#73831 cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen\n\ngo1.23.9 (released 2025-05-06) includes fixes to the runtime and\nthe linker. (boo#1229122 go1.23 release tracking)\n\n * go#73091 cmd/link: linkname directive on userspace variable can override runtime variable\n * go#73380 runtime, x/sys/unix: Connectx is broken on darwin/amd64\n\ngo1.23.8 (released 2025-04-01) includes security fixes to the\nnet/http package, as well as bug fixes to the runtime and the go\ncommand.\n\n CVE-2025-22871:\n * go#72010 go#71988 boo#1240550 security: fix CVE-2025-22871 net/http: reject bare LF in chunked encoding\n\n * go#72114 runtime: process hangs for mips hardware\n * go#72871 runtime: cgo callback on extra M treated as external code after nested cgo callback returns\n * go#72937 internal/godebugs: winsymlink and winreadlinkvolume have incorrect defaults for Go 1.22\n\ngo1.23.7 (released 2025-03-04) includes security fixes to the\nnet/http package, as well as bug fixes to cgo, the compiler, and\nthe reflect, runtime, and syscall packages.\n\n CVE-2025-22870:\n * go#71985 go#71984 boo#1238572 security: fix CVE-2025-22870 net/http, x/net/proxy, x/net/http/httpproxy: proxy bypass using IPv6 zone IDs\n\n * go#71727 runtime: usleep computes wrong tv_nsec on s390x\n * go#71839 runtime: recover added in range-over-func loop body doesn\u0027t stop panic propagation / segfaults printing error\n * go#71848 os: spurious SIGCHILD on running child process\n * go#71875 reflect: Value.Seq panicking on functional iterator methods\n * go#71915 reflect: Value.Seq iteration value types not matching the type of given int types\n * go#71962 runtime/cgo: does not build with -Wdeclaration-after-statement\n\ngo1.23.6 (released 2025-02-04) includes security fixes to the\ncrypto/elliptic package, as well as bug fixes to the compiler and\nthe go command.\n\n CVE-2025-22866\n * go#71423 go#71383 boo#1236801 security: fix CVE-2025-22866 crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le\n\n * go#71263 cmd/go/internal/modfetch/codehost: test fails with git 2.47.1\n * go#71230 cmd/compile: broken write barrier\n\ngo1.23.5 (released 2025-01-16) includes security fixes to the\ncrypto/x509 and net/http packages, as well as bug fixes to the\ncompiler, the runtime, and the net package.\n\n CVE-2024-45341 CVE-2024-45336:\n * go#71208 go#71156 boo#1236045 security: fix CVE-2024-45341 crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints\n * go#71211 go#70530 boo#1236046 security: fix CVE-2024-45336 net/http: sensitive headers incorrectly sent after cross-domain redirect\n\n * go#69988 runtime: severe performance drop for cgo calls in go1.22.5\n * go#70517 cmd/compile/internal/importer: flip enable alias to true\n * go#70789 os: io.Copy(net.Conn, os.Stdin) on MacOS terminate immediately without waiting for input\n * go#71104 crypto/tls: TestVerifyConnection/TLSv12 failures\n * go#71147 internal/trace: TestTraceCPUProfile/Stress failures\n\ngo1.23.4 (released 2024-12-03) includes fixes to the compiler,\nthe runtime, the trace command, and the syscall package.\n\n * go#70644 crypto/rsa: new key generation prohibitively slow under race detector\n * go#70645 proposal: go/types: add Scope.Node convenience getter\n * go#70646 x/tools/gopls: unimported completion corrupts import decl (client=BBEdit)\n * go#70648 crypto/tls: TestHandshakeClientECDHEECDSAAESGCM/TLSv12 failures\n * go#70649 x/benchmarks/sweet/cmd/sweet: TestSweetEndToEnd failures\n * go#70650 crypto/tls: TestGetClientCertificate/TLSv13 failures\n * go#70651 x/tools/go/gcexportdata: simplify implementation assuming go \u003e= 1.21\n * go#70654 cmd/go: Incorrect output from go list\n * go#70655 x/build/cmd/relui: add workflows for some remaining manual recurring Go major release cycle tasks\n * go#70657 proposal: bufio: Scanner.IterText/Scanner.IterBytes\n * go#70658 x/net/http2: stuck extended CONNECT requests\n * go#70659 os: TestRootDirFS failures on linux-mips64 and linux-mips64le arch-mips\n * go#70660 crypto/ecdsa: TestRFC6979 failures on s390x\n * go#70664 x/mobile: target maccatalyst cannot find OpenGLES header\n * go#70665 x/tools/gopls: refactor.extract.variable fails at package level\n * go#70666 x/tools/gopls: panic in GetIfaceStubInfo\n * go#70667 proposal: crypto/x509: support extracting X25519 public keys from certificates\n * go#70668 proposal: x/mobile: better support for unrecovered panics\n * go#70669 cmd/go: local failure in TestScript/build_trimpath_cgo\n * go#70670 cmd/link: unused functions aren\u0027t getting deadcoded from the binary\n * go#70674 x/pkgsite: package removal request for https://pkg.go.dev/github.com/uisdevsquad/go-test/debugmate\n * go#70675 cmd/go/internal/lockedfile: mountrpc flake in TestTransform on plan9\n * go#70677 all: remote file server I/O flakiness with \u0027Bad fid\u0027 errors on plan9\n * go#70678 internal/poll: deadlock on \u0027Intel(R) Xeon(R) Platinum\u0027 when an FD is closed\n * go#70679 mime/multipart: With go 1.23.3, mime/multipart does not link\n\nUpdate to version 1.23.2.3 cut from the go1.23-fips-release\nbranch at the revision tagged go1.23.2-3-openssl-fips. ( jsc#SLE-18320)\n\n* Add negative tests for openssl (#243)\n\ngo1.23.3 (released 2024-11-06) includes fixes to the linker, the runtime, and the net/http, os, and syscall packages.\n\n * go#69258 runtime: corrupted GoroutineProfile stack traces\n * go#69259 runtime: multi-arch build via qemu fails to exec go binary\n * go#69640 os: os.checkPidfd() crashes with SIGSYS\n * go#69746 runtime: TestGdbAutotmpTypes failures\n * go#69848 cmd/compile: syscall.Syscall15: nosplit stack over 792 byte limit\n * go#69865 runtime: MutexProfile missing root frames in go1.23\n * go#69882 time,runtime: too many concurrent timer firings for short time.Ticker\n * go#69978 time,runtime: too many concurrent timer firings for short, fast-resetting time.Timer\n * go#69992 cmd/link: LC_UUID not generated by go linker, resulting in failure to access local network on macOS 15\n * go#70001 net/http/pprof: coroutines + pprof makes the program panic\n * go#70020 net/http: short writes with FileServer on macos\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3159,SUSE-SLE-Module-Development-Tools-15-SP6-2025-3159,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3159,openSUSE-SLE-15.6-2025-3159",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03159-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03159-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503159-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03159-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041646.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229122",
"url": "https://bugzilla.suse.com/1229122"
},
{
"category": "self",
"summary": "SUSE Bug 1236045",
"url": "https://bugzilla.suse.com/1236045"
},
{
"category": "self",
"summary": "SUSE Bug 1236046",
"url": "https://bugzilla.suse.com/1236046"
},
{
"category": "self",
"summary": "SUSE Bug 1236801",
"url": "https://bugzilla.suse.com/1236801"
},
{
"category": "self",
"summary": "SUSE Bug 1238572",
"url": "https://bugzilla.suse.com/1238572"
},
{
"category": "self",
"summary": "SUSE Bug 1240550",
"url": "https://bugzilla.suse.com/1240550"
},
{
"category": "self",
"summary": "SUSE Bug 1244156",
"url": "https://bugzilla.suse.com/1244156"
},
{
"category": "self",
"summary": "SUSE Bug 1244157",
"url": "https://bugzilla.suse.com/1244157"
},
{
"category": "self",
"summary": "SUSE Bug 1246118",
"url": "https://bugzilla.suse.com/1246118"
},
{
"category": "self",
"summary": "SUSE Bug 1247719",
"url": "https://bugzilla.suse.com/1247719"
},
{
"category": "self",
"summary": "SUSE Bug 1247720",
"url": "https://bugzilla.suse.com/1247720"
},
{
"category": "self",
"summary": "SUSE Bug 1247816",
"url": "https://bugzilla.suse.com/1247816"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45336 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45336/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45341 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4674 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
}
],
"title": "Security update for go1.23-openssl",
"tracking": {
"current_release_date": "2025-09-11T03:05:02Z",
"generator": {
"date": "2025-09-11T03:05:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03159-1",
"initial_release_date": "2025-09-11T03:05:02Z",
"revision_history": [
{
"date": "2025-09-11T03:05:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"product": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"product_id": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"product_id": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"product": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"product_id": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150600.13.9.1.i586",
"product": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.i586",
"product_id": "go1.23-openssl-1.23.12-150600.13.9.1.i586"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.i586",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.i586",
"product_id": "go1.23-openssl-doc-1.23.12-150600.13.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"product": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"product_id": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"product_id": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"product": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"product_id": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"product": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"product_id": "go1.23-openssl-1.23.12-150600.13.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"product_id": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"product": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"product_id": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"product": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"product_id": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"product_id": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"product": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"product_id": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45336",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45336"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45336",
"url": "https://www.suse.com/security/cve/CVE-2024-45336"
},
{
"category": "external",
"summary": "SUSE Bug 1236045 for CVE-2024-45336",
"url": "https://bugzilla.suse.com/1236045"
},
{
"category": "external",
"summary": "SUSE Bug 1236046 for CVE-2024-45336",
"url": "https://bugzilla.suse.com/1236046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-45336"
},
{
"cve": "CVE-2024-45341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45341"
}
],
"notes": [
{
"category": "general",
"text": "A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the web PKI, so this only affects users of private PKIs which make use of URIs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45341",
"url": "https://www.suse.com/security/cve/CVE-2024-45341"
},
{
"category": "external",
"summary": "SUSE Bug 1236045 for CVE-2024-45341",
"url": "https://bugzilla.suse.com/1236045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-45341"
},
{
"cve": "CVE-2025-0913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0913"
}
],
"notes": [
{
"category": "general",
"text": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0913",
"url": "https://www.suse.com/security/cve/CVE-2025-0913"
},
{
"category": "external",
"summary": "SUSE Bug 1244157 for CVE-2025-0913",
"url": "https://bugzilla.suse.com/1244157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-0913"
},
{
"cve": "CVE-2025-22866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22866"
}
],
"notes": [
{
"category": "general",
"text": "Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22866",
"url": "https://www.suse.com/security/cve/CVE-2025-22866"
},
{
"category": "external",
"summary": "SUSE Bug 1236801 for CVE-2025-22866",
"url": "https://bugzilla.suse.com/1236801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22866"
},
{
"cve": "CVE-2025-22870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22870"
}
],
"notes": [
{
"category": "general",
"text": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22870",
"url": "https://www.suse.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "SUSE Bug 1238572 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238572"
},
{
"category": "external",
"summary": "SUSE Bug 1238611 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22870"
},
{
"cve": "CVE-2025-22871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22871"
}
],
"notes": [
{
"category": "general",
"text": "The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22871",
"url": "https://www.suse.com/security/cve/CVE-2025-22871"
},
{
"category": "external",
"summary": "SUSE Bug 1240550 for CVE-2025-22871",
"url": "https://bugzilla.suse.com/1240550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-22871"
},
{
"cve": "CVE-2025-4673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4673"
}
],
"notes": [
{
"category": "general",
"text": "Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4673",
"url": "https://www.suse.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "SUSE Bug 1244156 for CVE-2025-4673",
"url": "https://bugzilla.suse.com/1244156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-4673"
},
{
"cve": "CVE-2025-4674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4674"
}
],
"notes": [
{
"category": "general",
"text": "The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. via \"go get\", are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4674",
"url": "https://www.suse.com/security/cve/CVE-2025-4674"
},
{
"category": "external",
"summary": "SUSE Bug 1246118 for CVE-2025-4674",
"url": "https://bugzilla.suse.com/1246118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "important"
}
],
"title": "CVE-2025-4674"
},
{
"cve": "CVE-2025-47906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47906"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47906",
"url": "https://www.suse.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "SUSE Bug 1247719 for CVE-2025-47906",
"url": "https://bugzilla.suse.com/1247719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-47906"
},
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.12-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.12-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:05:02Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
}
]
}
suse-su-2025:02812-1
Vulnerability from csaf_suse
Published
2025-08-15 12:52
Modified
2025-08-15 12:52
Summary
Security update for go1.23-openssl
Notes
Title of the patch
Security update for go1.23-openssl
Description of the patch
This update for go1.23-openssl fixes the following issues:
Updated to go1.23.12 (released 2025-08-06) (bsc#1229122):
- CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go (bsc#1246118)
- CVE-2025-47906: Fixed incorrect expansion of '', '.' and '..' in some PATH configurations in LookPath in osc/exec (bsc#1247719)
- CVE-2025-47907: Fixed incorrect results returned from Rows.Scan in database/sql (bsc#1247720)
Updated to version 1.23.12 cut from the go1.23-fips-release
branch at the revision tagged go1.23.12-1-openssl-fips (jsc#SLE-18320)
- Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil
salt to be passed as a hash length buffer of zeros.
Other fixes:
- runtime: use-after-free of allpSnapshot in findRunnable
- runtime: segfaults in runtime.(*unwinder).next
- cmd/go: TestScript/build_trimpath_cgo fails to decode dwarf on release-branch.go1.23
- cmd/cgo/internal/testsanitizers: failures with signal: segmentation fault or exit status 66
- runtime: bad frame pointer during panic during duffcopy
- runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning
- internal/trace: stress tests triggering suspected deadlock in tracer
- runtime/pprof: crash 'cannot read stack of running goroutine' in goroutine profile
- cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN
Patchnames
SUSE-2025-2812,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2812,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2812,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2812,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2812,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2812,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2812,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2812,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2812,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2812,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2812,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2812,SUSE-Storage-7.1-2025-2812
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.23-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.23-openssl fixes the following issues:\n\nUpdated to go1.23.12 (released 2025-08-06) (bsc#1229122): \n - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go (bsc#1246118) \n - CVE-2025-47906: Fixed incorrect expansion of \u0027\u0027, \u0027.\u0027 and \u0027..\u0027 in some PATH configurations in LookPath in osc/exec (bsc#1247719) \n - CVE-2025-47907: Fixed incorrect results returned from Rows.Scan in database/sql (bsc#1247720) \n\nUpdated to version 1.23.12 cut from the go1.23-fips-release\nbranch at the revision tagged go1.23.12-1-openssl-fips (jsc#SLE-18320)\n - Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil\n salt to be passed as a hash length buffer of zeros.\n \nOther fixes:\n - runtime: use-after-free of allpSnapshot in findRunnable\n - runtime: segfaults in runtime.(*unwinder).next\n - cmd/go: TestScript/build_trimpath_cgo fails to decode dwarf on release-branch.go1.23\n - cmd/cgo/internal/testsanitizers: failures with signal: segmentation fault or exit status 66\n - runtime: bad frame pointer during panic during duffcopy\n - runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning\n - internal/trace: stress tests triggering suspected deadlock in tracer\n - runtime/pprof: crash \u0027cannot read stack of running goroutine\u0027 in goroutine profile\n - cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2812,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2812,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2812,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2812,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2812,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2812,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2812,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2812,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2812,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2812,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2812,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2812,SUSE-Storage-7.1-2025-2812",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02812-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02812-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502812-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02812-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041227.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229122",
"url": "https://bugzilla.suse.com/1229122"
},
{
"category": "self",
"summary": "SUSE Bug 1246118",
"url": "https://bugzilla.suse.com/1246118"
},
{
"category": "self",
"summary": "SUSE Bug 1247719",
"url": "https://bugzilla.suse.com/1247719"
},
{
"category": "self",
"summary": "SUSE Bug 1247720",
"url": "https://bugzilla.suse.com/1247720"
},
{
"category": "self",
"summary": "SUSE Bug 1247816",
"url": "https://bugzilla.suse.com/1247816"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4674 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
}
],
"title": "Security update for go1.23-openssl",
"tracking": {
"current_release_date": "2025-08-15T12:52:43Z",
"generator": {
"date": "2025-08-15T12:52:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02812-1",
"initial_release_date": "2025-08-15T12:52:43Z",
"revision_history": [
{
"date": "2025-08-15T12:52:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"product": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"product_id": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"product_id": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"product": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"product_id": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150000.1.18.1.i586",
"product": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.i586",
"product_id": "go1.23-openssl-1.23.12-150000.1.18.1.i586"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.i586",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.i586",
"product_id": "go1.23-openssl-doc-1.23.12-150000.1.18.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"product": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"product_id": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"product_id": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"product": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"product_id": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"product": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"product_id": "go1.23-openssl-1.23.12-150000.1.18.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"product_id": "go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"product": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"product_id": "go1.23-openssl-race-1.23.12-150000.1.18.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"product": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"product_id": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"product": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"product_id": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"product": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"product_id": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4674"
}
],
"notes": [
{
"category": "general",
"text": "The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. via \"go get\", are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4674",
"url": "https://www.suse.com/security/cve/CVE-2025-4674"
},
{
"category": "external",
"summary": "SUSE Bug 1246118 for CVE-2025-4674",
"url": "https://bugzilla.suse.com/1246118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T12:52:43Z",
"details": "important"
}
],
"title": "CVE-2025-4674"
},
{
"cve": "CVE-2025-47906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47906"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47906",
"url": "https://www.suse.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "SUSE Bug 1247719 for CVE-2025-47906",
"url": "https://bugzilla.suse.com/1247719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T12:52:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-47906"
},
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-doc-1.23.12-150000.1.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.23-openssl-race-1.23.12-150000.1.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-15T12:52:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
}
]
}
suse-su-2025:03158-1
Vulnerability from csaf_suse
Published
2025-09-11 03:04
Modified
2025-09-11 03:04
Summary
Security update for go1.24-openssl
Notes
Title of the patch
Security update for go1.24-openssl
Description of the patch
This security update of go1.24-openssl fixes the following issues:
Update to version 1.24.6 cut from the go1.24-fips-release
branch at the revision tagged go1.24.6-1-openssl-fips.
Refs jsc#SLE-18320
* Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil
salt to be passed as a hash length buffer of zeros.
go1.24.6 (released 2025-08-06) includes security fixes to the
database/sql and os/exec packages, as well as bug fixes to the
runtime. ( boo#1236217 go1.24 release tracking)
CVE-2025-47906 CVE-2025-47907:
* go#74804 go#74466 boo#1247719 security: fix CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of '', '.' and '..' in some PATH configurations
* go#74833 go#74831 boo#1247720 security: fix CVE-2025-47907 database/sql: incorrect results returned from Rows.Scan
* go#73800 runtime: RSS seems to have increased in Go 1.24 while the runtime accounting has not
* go#74416 runtime: use-after-free of allpSnapshot in findRunnable
* go#74694 runtime: segfaults in runtime.(*unwinder).next
* go#74760 os/user:nolibgcc: TestGroupIdsTestUser failures
go1.24.5 (released 2025-07-08) includes security fixes to the go
command, as well as bug fixes to the compiler, the linker, the , and
the go command. ( boo#1236217 go1.24 release tracking)
j
CVE-2025-4674:
* go#74381 go#74380 boo#1246118 security: fix CVE-2025-4674 cmd/go: disable support for multiple vcs in one module
* go#73908 runtime: bad frame pointer during panic during duffcopy
* go#74098 cmd/compile: regression on ppc64le bit operations
* go#74113 cmd/go: crash on unknown GOEXPERIMENT during toolchain selection
* go#74290 runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning
* go#74294 internal/trace: stress tests triggering suspected deadlock in tracer
* go#74346 runtime: memlock not unlocked in all control flow paths in sysReserveAlignedSbrk
* go#74363 runtime/pprof: crash 'cannot read stack of running goroutine' in goroutine profile
* go#74403 cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN
go1.24.4 (released 2025-06-05) includes security fixes to the
crypto/x509, net/http, and os packages, as well as bug fixes to
the linker, the go command, and the hash/maphash and os packages.
( boo#1236217 go1.24 release tracking)
CVE-2025-22874 CVE-2025-0913 CVE-2025-4673
* go#73700 go#73702 boo#1244158 security: fix CVE-2025-22874 crypto/x509: ExtKeyUsageAny bypasses policy validation
* go#73720 go#73612 boo#1244157 security: fix CVE-2025-0913 os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows
* go#73906 go#73816 boo#1244156 security: fix CVE-2025-4673 net/http: sensitive headers not cleared on cross-origin redirect
* go#73570 os: Root.Mkdir creates directories with zero permissions on OpenBSD
* go#73669 hash/maphash: hashing channels with purego impl. of maphash.Comparable panics
* go#73678 runtime/debug: BuildSetting does not document DefaultGODEBUG
* go#73809 cmd/go: add fips140 module selection mechanism
* go#73832 cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen
Patchnames
SUSE-2025-3158,SUSE-SLE-Module-Development-Tools-15-SP6-2025-3158,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3158,openSUSE-SLE-15.6-2025-3158
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.24-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis security update of go1.24-openssl fixes the following issues:\n\nUpdate to version 1.24.6 cut from the go1.24-fips-release\nbranch at the revision tagged go1.24.6-1-openssl-fips.\nRefs jsc#SLE-18320\n\n* Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil\n salt to be passed as a hash length buffer of zeros.\n\ngo1.24.6 (released 2025-08-06) includes security fixes to the\ndatabase/sql and os/exec packages, as well as bug fixes to the\nruntime. ( boo#1236217 go1.24 release tracking)\n\nCVE-2025-47906 CVE-2025-47907:\n\n* go#74804 go#74466 boo#1247719 security: fix CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of \u0027\u0027, \u0027.\u0027 and \u0027..\u0027 in some PATH configurations\n* go#74833 go#74831 boo#1247720 security: fix CVE-2025-47907 database/sql: incorrect results returned from Rows.Scan\n\n* go#73800 runtime: RSS seems to have increased in Go 1.24 while the runtime accounting has not\n* go#74416 runtime: use-after-free of allpSnapshot in findRunnable\n* go#74694 runtime: segfaults in runtime.(*unwinder).next\n* go#74760 os/user:nolibgcc: TestGroupIdsTestUser failures\n\ngo1.24.5 (released 2025-07-08) includes security fixes to the go\ncommand, as well as bug fixes to the compiler, the linker, the , and\nthe go command. ( boo#1236217 go1.24 release tracking)\nj\nCVE-2025-4674:\n\n* go#74381 go#74380 boo#1246118 security: fix CVE-2025-4674 cmd/go: disable support for multiple vcs in one module\n\n* go#73908 runtime: bad frame pointer during panic during duffcopy\n* go#74098 cmd/compile: regression on ppc64le bit operations\n* go#74113 cmd/go: crash on unknown GOEXPERIMENT during toolchain selection\n* go#74290 runtime: heap mspan limit is set too late, causing data race between span allocation and conservative scanning\n* go#74294 internal/trace: stress tests triggering suspected deadlock in tracer\n* go#74346 runtime: memlock not unlocked in all control flow paths in sysReserveAlignedSbrk\n* go#74363 runtime/pprof: crash \u0027cannot read stack of running goroutine\u0027 in goroutine profile\n* go#74403 cmd/link: duplicated definition of symbol github.com/ebitengine/purego.syscall15XABI0 when running with ASAN\n\ngo1.24.4 (released 2025-06-05) includes security fixes to the\ncrypto/x509, net/http, and os packages, as well as bug fixes to\nthe linker, the go command, and the hash/maphash and os packages.\n( boo#1236217 go1.24 release tracking)\n\nCVE-2025-22874 CVE-2025-0913 CVE-2025-4673\n* go#73700 go#73702 boo#1244158 security: fix CVE-2025-22874 crypto/x509: ExtKeyUsageAny bypasses policy validation\n* go#73720 go#73612 boo#1244157 security: fix CVE-2025-0913 os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows\n* go#73906 go#73816 boo#1244156 security: fix CVE-2025-4673 net/http: sensitive headers not cleared on cross-origin redirect\n\n* go#73570 os: Root.Mkdir creates directories with zero permissions on OpenBSD\n* go#73669 hash/maphash: hashing channels with purego impl. of maphash.Comparable panics\n* go#73678 runtime/debug: BuildSetting does not document DefaultGODEBUG\n* go#73809 cmd/go: add fips140 module selection mechanism\n* go#73832 cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3158,SUSE-SLE-Module-Development-Tools-15-SP6-2025-3158,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3158,openSUSE-SLE-15.6-2025-3158",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03158-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03158-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503158-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03158-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041648.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236217",
"url": "https://bugzilla.suse.com/1236217"
},
{
"category": "self",
"summary": "SUSE Bug 1244156",
"url": "https://bugzilla.suse.com/1244156"
},
{
"category": "self",
"summary": "SUSE Bug 1244157",
"url": "https://bugzilla.suse.com/1244157"
},
{
"category": "self",
"summary": "SUSE Bug 1244158",
"url": "https://bugzilla.suse.com/1244158"
},
{
"category": "self",
"summary": "SUSE Bug 1246118",
"url": "https://bugzilla.suse.com/1246118"
},
{
"category": "self",
"summary": "SUSE Bug 1247719",
"url": "https://bugzilla.suse.com/1247719"
},
{
"category": "self",
"summary": "SUSE Bug 1247720",
"url": "https://bugzilla.suse.com/1247720"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22874 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4674 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47907/"
}
],
"title": "Security update for go1.24-openssl",
"tracking": {
"current_release_date": "2025-09-11T03:04:46Z",
"generator": {
"date": "2025-09-11T03:04:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03158-1",
"initial_release_date": "2025-09-11T03:04:46Z",
"revision_history": [
{
"date": "2025-09-11T03:04:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"product": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"product_id": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"product": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"product_id": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150600.13.9.1.i586",
"product": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.i586",
"product_id": "go1.24-openssl-1.24.6-150600.13.9.1.i586"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.i586",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.i586",
"product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"product": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"product_id": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"product": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"product_id": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"product": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"product_id": "go1.24-openssl-1.24.6-150600.13.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"product": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"product_id": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"product": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"product_id": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"product": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"product_id": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"product": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"product_id": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
},
"product_reference": "go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-0913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0913"
}
],
"notes": [
{
"category": "general",
"text": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0913",
"url": "https://www.suse.com/security/cve/CVE-2025-0913"
},
{
"category": "external",
"summary": "SUSE Bug 1244157 for CVE-2025-0913",
"url": "https://bugzilla.suse.com/1244157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:04:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-0913"
},
{
"cve": "CVE-2025-22874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22874"
}
],
"notes": [
{
"category": "general",
"text": "Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22874",
"url": "https://www.suse.com/security/cve/CVE-2025-22874"
},
{
"category": "external",
"summary": "SUSE Bug 1244158 for CVE-2025-22874",
"url": "https://bugzilla.suse.com/1244158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:04:46Z",
"details": "important"
}
],
"title": "CVE-2025-22874"
},
{
"cve": "CVE-2025-4673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4673"
}
],
"notes": [
{
"category": "general",
"text": "Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4673",
"url": "https://www.suse.com/security/cve/CVE-2025-4673"
},
{
"category": "external",
"summary": "SUSE Bug 1244156 for CVE-2025-4673",
"url": "https://bugzilla.suse.com/1244156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:04:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-4673"
},
{
"cve": "CVE-2025-4674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4674"
}
],
"notes": [
{
"category": "general",
"text": "The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. via \"go get\", are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4674",
"url": "https://www.suse.com/security/cve/CVE-2025-4674"
},
{
"category": "external",
"summary": "SUSE Bug 1246118 for CVE-2025-4674",
"url": "https://bugzilla.suse.com/1246118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:04:46Z",
"details": "important"
}
],
"title": "CVE-2025-4674"
},
{
"cve": "CVE-2025-47906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47906"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47906",
"url": "https://www.suse.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "SUSE Bug 1247719 for CVE-2025-47906",
"url": "https://bugzilla.suse.com/1247719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:04:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-47906"
},
{
"cve": "CVE-2025-47907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47907"
}
],
"notes": [
{
"category": "general",
"text": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47907",
"url": "https://www.suse.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "SUSE Bug 1247720 for CVE-2025-47907",
"url": "https://bugzilla.suse.com/1247720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-doc-1.24.6-150600.13.9.1.x86_64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.aarch64",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.ppc64le",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.s390x",
"openSUSE Leap 15.6:go1.24-openssl-race-1.24.6-150600.13.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-11T03:04:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-47907"
}
]
}
wid-sec-w-2025-2251
Vulnerability from csaf_certbund
Published
2025-10-09 22:00
Modified
2025-10-15 22:00
Summary
Red Hat OpenShift GitOps: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift GitOps ist eine Lösung, die Git als Single Source of Truth für die deklarative Infrastruktur- und Anwendungsbereitstellung in OpenShift-Clustern nutzt.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift GitOps ausnutzen, um Daten zu manipulieren, falsche Informationen darzustellen, oder einen Denial of Service zu verursachen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat OpenShift GitOps ist eine L\u00f6sung, die Git als Single Source of Truth f\u00fcr die deklarative Infrastruktur- und Anwendungsbereitstellung in OpenShift-Clustern nutzt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift GitOps ausnutzen, um Daten zu manipulieren, falsche Informationen darzustellen, oder einen Denial of Service zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2251 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2251.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2251 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2251"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2025-10-09",
"url": "https://access.redhat.com/errata/RHSA-2025:17731"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18093 vom 2025-10-15",
"url": "https://access.redhat.com/errata/RHSA-2025:18093"
}
],
"source_lang": "en-US",
"title": "Red Hat OpenShift GitOps: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-15T22:00:00.000+00:00",
"generator": {
"date": "2025-10-16T09:43:25.495+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2251",
"initial_release_date": "2025-10-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-10-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-10-15T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.17.2",
"product": {
"name": "Red Hat OpenShift GitOps \u003c1.17.2",
"product_id": "T047551"
}
},
{
"category": "product_version",
"name": "1.17.2",
"product": {
"name": "Red Hat OpenShift GitOps 1.17.2",
"product_id": "T047551-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.17.2"
}
}
}
],
"category": "product_name",
"name": "OpenShift GitOps"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22874",
"product_status": {
"known_affected": [
"67646",
"T047551"
]
},
"release_date": "2025-10-09T22:00:00.000+00:00",
"title": "CVE-2025-22874"
},
{
"cve": "CVE-2025-47907",
"product_status": {
"known_affected": [
"67646",
"T047551"
]
},
"release_date": "2025-10-09T22:00:00.000+00:00",
"title": "CVE-2025-47907"
},
{
"cve": "CVE-2025-59531",
"product_status": {
"known_affected": [
"67646",
"T047551"
]
},
"release_date": "2025-10-09T22:00:00.000+00:00",
"title": "CVE-2025-59531"
},
{
"cve": "CVE-2025-59537",
"product_status": {
"known_affected": [
"67646",
"T047551"
]
},
"release_date": "2025-10-09T22:00:00.000+00:00",
"title": "CVE-2025-59537"
},
{
"cve": "CVE-2025-59538",
"product_status": {
"known_affected": [
"67646",
"T047551"
]
},
"release_date": "2025-10-09T22:00:00.000+00:00",
"title": "CVE-2025-59538"
}
]
}
wid-sec-w-2025-1740
Vulnerability from csaf_certbund
Published
2025-08-06 22:00
Modified
2025-10-01 22:00
Summary
Golang Go: Mehrere Schwachstellen ermöglichen Manipulation von Dateien
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Go ist eine quelloffene Programmiersprache.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Dateien zu manipulieren.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Go ist eine quelloffene Programmiersprache.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1740 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1740.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1740 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1740"
},
{
"category": "external",
"summary": "Golang Announce vom 2025-08-06",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM/m/5_v-oMjUAgAJ"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2025-08-06",
"url": "https://seclists.org/oss-sec/2025/q3/77"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15423-1 vom 2025-08-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FWMLV4NZCXG2VOUDW5M5HNF5FAITFCDJ/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15420-1 vom 2025-08-08",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q2O5BKP6MKBBWHIU3WHQVIRINDPUW26D/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15422-1 vom 2025-08-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CEKFSEC66PNEYKCOVTU3XUYIT5NFKQS2/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02760-1 vom 2025-08-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022145.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02759-1 vom 2025-08-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022146.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02812-1 vom 2025-08-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022176.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02837-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022191.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02924-1 vom 2025-08-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022236.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2984 vom 2025-09-04",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2984.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03115-1 vom 2025-09-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022415.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03158-1 vom 2025-09-11",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HAVLJWP2USKN4NDD3DHWC5JLHYAIS3ZK/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03159-1 vom 2025-09-11",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XFEARURIFMW7G6QDQKSBP7SQWCSCVYJS/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03161-1 vom 2025-09-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022496.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-D6BA5942CB vom 2025-09-29",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-d6ba5942cb"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-AD509C483B vom 2025-09-29",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-ad509c483b"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7246873 vom 2025-10-01",
"url": "https://www.ibm.com/support/pages/node/7246873"
}
],
"source_lang": "en-US",
"title": "Golang Go: Mehrere Schwachstellen erm\u00f6glichen Manipulation von Dateien",
"tracking": {
"current_release_date": "2025-10-01T22:00:00.000+00:00",
"generator": {
"date": "2025-10-02T08:18:29.947+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1740",
"initial_release_date": "2025-08-06T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-08-06T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-08-10T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-08-12T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-17T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-18T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-19T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-04T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-09-09T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-10T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-11T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-18T22:00:00.000+00:00",
"number": "11",
"summary": "Referenz(en) aufgenommen: EUVD-2025-30195, GO-2025-3956"
},
{
"date": "2025-09-29T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "13"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.24.6",
"product": {
"name": "Golang Go \u003c1.24.6",
"product_id": "T045944"
}
},
{
"category": "product_version",
"name": "1.24.6",
"product": {
"name": "Golang Go 1.24.6",
"product_id": "T045944-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.24.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.23.12",
"product": {
"name": "Golang Go \u003c1.23.12",
"product_id": "T045945"
}
},
{
"category": "product_version",
"name": "1.23.12",
"product": {
"name": "Golang Go 1.23.12",
"product_id": "T045945-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.23.12"
}
}
}
],
"category": "product_name",
"name": "Go"
}
],
"category": "vendor",
"name": "Golang"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.16.0",
"product": {
"name": "IBM App Connect Enterprise \u003c12.16.0",
"product_id": "T047348"
}
},
{
"category": "product_version",
"name": "12.16.0",
"product": {
"name": "IBM App Connect Enterprise 12.16.0",
"product_id": "T047348-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:12.16.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.0.16",
"product": {
"name": "IBM App Connect Enterprise \u003c12.0.16",
"product_id": "T047349"
}
},
{
"category": "product_version",
"name": "12.0.16",
"product": {
"name": "IBM App Connect Enterprise 12.0.16",
"product_id": "T047349-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:12.0.16"
}
}
}
],
"category": "product_name",
"name": "App Connect Enterprise"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47906",
"product_status": {
"known_affected": [
"T047348",
"T047349",
"T002207",
"T045945",
"T045944",
"T027843",
"398363",
"74185"
]
},
"release_date": "2025-08-06T22:00:00.000+00:00",
"title": "CVE-2025-47906"
},
{
"cve": "CVE-2025-47907",
"product_status": {
"known_affected": [
"T047348",
"T047349",
"T002207",
"T045945",
"T045944",
"T027843",
"398363",
"74185"
]
},
"release_date": "2025-08-06T22:00:00.000+00:00",
"title": "CVE-2025-47907"
}
]
}
wid-sec-w-2025-1837
Vulnerability from csaf_certbund
Published
2025-08-14 22:00
Modified
2025-08-14 22:00
Summary
Gitea: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Gitea ist ein quelloffener Github-Klon.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Gitea ausnutzen, um einen nicht näher beschriebenen Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Gitea ist ein quelloffener Github-Klon.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Gitea ausnutzen, um einen nicht n\u00e4her beschriebenen Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1837 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1837.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1837 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1837"
},
{
"category": "external",
"summary": "Gitea 1.24.5 release vom 2025-08-14",
"url": "https://blog.gitea.com/release-of-1.24.5"
}
],
"source_lang": "en-US",
"title": "Gitea: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-08-14T22:00:00.000+00:00",
"generator": {
"date": "2025-08-15T07:42:09.689+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1837",
"initial_release_date": "2025-08-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-08-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.24.5",
"product": {
"name": "Open Source Gitea \u003c1.24.5",
"product_id": "T046259"
}
},
{
"category": "product_version",
"name": "1.24.5",
"product": {
"name": "Open Source Gitea 1.24.5",
"product_id": "T046259-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:gitea:gitea:1.24.5"
}
}
}
],
"category": "product_name",
"name": "Gitea"
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47906",
"product_status": {
"known_affected": [
"T046259"
]
},
"release_date": "2025-08-14T22:00:00.000+00:00",
"title": "CVE-2025-47906"
},
{
"cve": "CVE-2025-47907",
"product_status": {
"known_affected": [
"T046259"
]
},
"release_date": "2025-08-14T22:00:00.000+00:00",
"title": "CVE-2025-47907"
}
]
}
ghsa-j5pm-7495-qmr3
Vulnerability from github
Published
2025-08-07 17:34
Modified
2025-08-07 17:34
Severity ?
VLAI Severity ?
Details
Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.
{
"affected": [],
"aliases": [
"CVE-2025-47907"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-07T16:15:30Z",
"severity": "HIGH"
},
"details": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.",
"id": "GHSA-j5pm-7495-qmr3",
"modified": "2025-08-07T17:34:41Z",
"published": "2025-08-07T17:34:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://go.dev/cl/693735"
},
{
"type": "WEB",
"url": "https://go.dev/issue/74831"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"type": "CVSS_V3"
}
]
}
fkie_cve-2025-47907
Vulnerability from fkie_nvd
Published
2025-08-07 16:15
Modified
2025-08-07 21:26
Severity ?
Summary
Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error."
},
{
"lang": "es",
"value": "Cancelar una consulta (p. ej., cancelando el contexto pasado a uno de los m\u00e9todos de consulta) durante una llamada al m\u00e9todo Scan de las filas devueltas puede generar resultados inesperados si se realizan otras consultas en paralelo. Esto puede generar una condici\u00f3n de ejecuci\u00f3n que sobrescriba los resultados esperados con los de otra consulta, provocando que la llamada a Scan devuelva resultados inesperados de la otra consulta o un error."
}
],
"id": "CVE-2025-47907",
"lastModified": "2025-08-07T21:26:37.453",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.7,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-08-07T16:15:30.357",
"references": [
{
"source": "security@golang.org",
"url": "https://go.dev/cl/693735"
},
{
"source": "security@golang.org",
"url": "https://go.dev/issue/74831"
},
{
"source": "security@golang.org",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"source": "security@golang.org",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"sourceIdentifier": "security@golang.org",
"vulnStatus": "Awaiting Analysis"
}
CERTFR-2025-AVI-0751
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry versions antérieures à 6.0.19+LTS-T | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry versions antérieures à 10.0.9 | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry versions antérieures à 10.2.2+LTS-T |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Platform for Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.19+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry versions ant\u00e9rieures \u00e0 10.0.9",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.2+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2025-23048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23048"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2025-49812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49812"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2025-27209",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27209"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-30399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30399"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2024-43204",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43204"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2025-49007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49007"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2025-1217",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1217"
},
{
"name": "CVE-2025-53020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53020"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2024-47252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47252"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-1736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1736"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2025-1734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1734"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-7339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2025-1861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1861"
},
{
"name": "CVE-2025-21588",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21588"
},
{
"name": "CVE-2025-49630",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49630"
},
{
"name": "CVE-2025-1219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1219"
},
{
"name": "CVE-2024-42516",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42516"
},
{
"name": "CVE-2024-43394",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43394"
}
],
"initial_release_date": "2025-09-03T00:00:00",
"last_revision_date": "2025-09-03T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0751",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-03T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-09-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware TNZ-2025-0071",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36077"
},
{
"published_at": "2025-09-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware TNZ-2025-0069",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36075"
},
{
"published_at": "2025-09-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware TNZ-2025-0070",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36076"
}
]
}
CERTFR-2025-AVI-0756
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T | ||
| VMware | Tanzu | Tanzu for MySQL on Cloud Foundry versions antérieures à 10.0.2 | ||
| VMware | Tanzu | Java Buildpack versions antérieures à 4.84.0 | ||
| VMware | Tanzu | Stemcells pour Ubuntu Jammy Azure Light versions antérieures à 1.894 | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 10.0.9 | ||
| VMware | Tanzu | Tanzu Scheduler versions antérieures à 2.0.20 | ||
| VMware | Tanzu | Spring Cloud Services for VMware Tanzu versions antérieures à 3.3.9 | ||
| VMware | Tanzu | Tanzu GemFire versions antérieures à 10.1.4 | ||
| VMware | Tanzu Operations Manager | Tanzu Operations Manager versions antérieures à 3.1.2 | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 6.0.19+LTS-T | ||
| VMware | Tanzu | Single Sign-On for VMware Tanzu Application Service versions antérieures à 1.16.12 | ||
| VMware | Tanzu | Tanzu Hub versions antérieures à 10.2.1 | ||
| VMware | Tanzu | Stemcells pour Ubuntu Jammy versions antérieures à 1.894 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu for MySQL on Cloud Foundry versions ant\u00e9rieures \u00e0 10.0.2",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.84.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells pour Ubuntu Jammy Azure Light versions ant\u00e9rieures \u00e0 1.894",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.0.9",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Scheduler versions ant\u00e9rieures \u00e0 2.0.20",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services for VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.9",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 10.1.4",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Operations Manager versions ant\u00e9rieures \u00e0 3.1.2",
"product": {
"name": "Tanzu Operations Manager",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.19+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On for VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.12",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells pour Ubuntu Jammy versions ant\u00e9rieures \u00e0 1.894",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2013-1548",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1548"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2017-8046",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8046"
},
{
"name": "CVE-2018-3280",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3280"
},
{
"name": "CVE-2018-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3137"
},
{
"name": "CVE-2018-3285",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3285"
},
{
"name": "CVE-2018-3182",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3182"
},
{
"name": "CVE-2018-3186",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3186"
},
{
"name": "CVE-2018-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3195"
},
{
"name": "CVE-2018-3286",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3286"
},
{
"name": "CVE-2018-3170",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3170"
},
{
"name": "CVE-2018-3279",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3279"
},
{
"name": "CVE-2018-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3212"
},
{
"name": "CVE-2018-3203",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3203"
},
{
"name": "CVE-2018-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3145"
},
{
"name": "CVE-2019-2530",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2530"
},
{
"name": "CVE-2019-2436",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2436"
},
{
"name": "CVE-2019-2539",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2539"
},
{
"name": "CVE-2019-2494",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2494"
},
{
"name": "CVE-2019-2535",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2535"
},
{
"name": "CVE-2019-2533",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2533"
},
{
"name": "CVE-2019-2495",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2495"
},
{
"name": "CVE-2019-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2513"
},
{
"name": "CVE-2019-2536",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2536"
},
{
"name": "CVE-2019-2502",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2502"
},
{
"name": "CVE-2019-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2634"
},
{
"name": "CVE-2019-2587",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2587"
},
{
"name": "CVE-2019-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2584"
},
{
"name": "CVE-2019-2691",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2691"
},
{
"name": "CVE-2019-2606",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2606"
},
{
"name": "CVE-2019-2630",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2630"
},
{
"name": "CVE-2019-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2624"
},
{
"name": "CVE-2019-2623",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2623"
},
{
"name": "CVE-2019-2695",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2695"
},
{
"name": "CVE-2019-2596",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2596"
},
{
"name": "CVE-2019-2580",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2580"
},
{
"name": "CVE-2019-2644",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2644"
},
{
"name": "CVE-2019-2681",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2681"
},
{
"name": "CVE-2019-2617",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2617"
},
{
"name": "CVE-2019-2636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2636"
},
{
"name": "CVE-2019-2689",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2689"
},
{
"name": "CVE-2019-2693",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2693"
},
{
"name": "CVE-2019-2593",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2593"
},
{
"name": "CVE-2019-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2625"
},
{
"name": "CVE-2019-2585",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2585"
},
{
"name": "CVE-2019-2631",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2631"
},
{
"name": "CVE-2019-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2694"
},
{
"name": "CVE-2019-2620",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2620"
},
{
"name": "CVE-2019-2688",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2688"
},
{
"name": "CVE-2019-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2589"
},
{
"name": "CVE-2019-2635",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2635"
},
{
"name": "CVE-2019-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2626"
},
{
"name": "CVE-2019-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2686"
},
{
"name": "CVE-2019-2685",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2685"
},
{
"name": "CVE-2019-2687",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2687"
},
{
"name": "CVE-2019-2607",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2607"
},
{
"name": "CVE-2019-7317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
},
{
"name": "CVE-2019-2811",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2811"
},
{
"name": "CVE-2019-2740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2740"
},
{
"name": "CVE-2019-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2879"
},
{
"name": "CVE-2019-2808",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2808"
},
{
"name": "CVE-2019-2738",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2738"
},
{
"name": "CVE-2019-2819",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2819"
},
{
"name": "CVE-2019-2737",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2737"
},
{
"name": "CVE-2019-2814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2814"
},
{
"name": "CVE-2019-2778",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2778"
},
{
"name": "CVE-2019-2822",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2822"
},
{
"name": "CVE-2019-2802",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2802"
},
{
"name": "CVE-2019-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2803"
},
{
"name": "CVE-2019-2752",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2752"
},
{
"name": "CVE-2019-2826",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2826"
},
{
"name": "CVE-2019-2784",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2784"
},
{
"name": "CVE-2019-2789",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2789"
},
{
"name": "CVE-2019-2801",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2801"
},
{
"name": "CVE-2019-2791",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2791"
},
{
"name": "CVE-2019-2798",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2798"
},
{
"name": "CVE-2019-2796",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2796"
},
{
"name": "CVE-2019-2815",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2815"
},
{
"name": "CVE-2019-2810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2810"
},
{
"name": "CVE-2019-2780",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2780"
},
{
"name": "CVE-2019-2758",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2758"
},
{
"name": "CVE-2019-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2757"
},
{
"name": "CVE-2019-2785",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2785"
},
{
"name": "CVE-2019-2747",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2747"
},
{
"name": "CVE-2019-2741",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2741"
},
{
"name": "CVE-2019-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2830"
},
{
"name": "CVE-2019-2834",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2834"
},
{
"name": "CVE-2019-2743",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2743"
},
{
"name": "CVE-2019-2739",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2739"
},
{
"name": "CVE-2019-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2805"
},
{
"name": "CVE-2019-2797",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2797"
},
{
"name": "CVE-2019-2774",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2774"
},
{
"name": "CVE-2019-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2795"
},
{
"name": "CVE-2019-2746",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2746"
},
{
"name": "CVE-2019-2812",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2812"
},
{
"name": "CVE-2019-2924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2924"
},
{
"name": "CVE-2019-2914",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2914"
},
{
"name": "CVE-2019-2960",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2960"
},
{
"name": "CVE-2019-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2923"
},
{
"name": "CVE-2019-2968",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2968"
},
{
"name": "CVE-2019-2993",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2993"
},
{
"name": "CVE-2019-3009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3009"
},
{
"name": "CVE-2019-2969",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2969"
},
{
"name": "CVE-2019-3011",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3011"
},
{
"name": "CVE-2019-2967",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2967"
},
{
"name": "CVE-2019-2946",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2946"
},
{
"name": "CVE-2019-2966",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2966"
},
{
"name": "CVE-2019-2957",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2957"
},
{
"name": "CVE-2019-2948",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2948"
},
{
"name": "CVE-2019-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2922"
},
{
"name": "CVE-2019-3004",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3004"
},
{
"name": "CVE-2019-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2998"
},
{
"name": "CVE-2019-2911",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2911"
},
{
"name": "CVE-2019-2950",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2950"
},
{
"name": "CVE-2019-2910",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2910"
},
{
"name": "CVE-2019-3018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3018"
},
{
"name": "CVE-2019-2974",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2974"
},
{
"name": "CVE-2019-2991",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2991"
},
{
"name": "CVE-2019-2997",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2997"
},
{
"name": "CVE-2019-2938",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2938"
},
{
"name": "CVE-2019-3003",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3003"
},
{
"name": "CVE-2019-2982",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2982"
},
{
"name": "CVE-2019-2963",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2963"
},
{
"name": "CVE-2020-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2579"
},
{
"name": "CVE-2020-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2584"
},
{
"name": "CVE-2020-2577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2577"
},
{
"name": "CVE-2020-2679",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2679"
},
{
"name": "CVE-2020-2570",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2570"
},
{
"name": "CVE-2020-2572",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2572"
},
{
"name": "CVE-2020-2627",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2627"
},
{
"name": "CVE-2020-2660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2660"
},
{
"name": "CVE-2020-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2589"
},
{
"name": "CVE-2020-2573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2573"
},
{
"name": "CVE-2020-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2686"
},
{
"name": "CVE-2020-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2694"
},
{
"name": "CVE-2020-2574",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2574"
},
{
"name": "CVE-2020-2770",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2770"
},
{
"name": "CVE-2020-2925",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2925"
},
{
"name": "CVE-2020-2853",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2853"
},
{
"name": "CVE-2020-2774",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2774"
},
{
"name": "CVE-2020-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2928"
},
{
"name": "CVE-2020-2897",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2897"
},
{
"name": "CVE-2020-2812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2812"
},
{
"name": "CVE-2020-2765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2765"
},
{
"name": "CVE-2020-2761",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2761"
},
{
"name": "CVE-2020-2790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2790"
},
{
"name": "CVE-2020-2752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2752"
},
{
"name": "CVE-2020-2904",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2904"
},
{
"name": "CVE-2020-2893",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2893"
},
{
"name": "CVE-2020-2760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2760"
},
{
"name": "CVE-2020-2780",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2780"
},
{
"name": "CVE-2020-2903",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2903"
},
{
"name": "CVE-2020-2924",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2924"
},
{
"name": "CVE-2020-2806",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2806"
},
{
"name": "CVE-2020-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2922"
},
{
"name": "CVE-2020-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2901"
},
{
"name": "CVE-2020-2926",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2926"
},
{
"name": "CVE-2020-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2923"
},
{
"name": "CVE-2020-2921",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2921"
},
{
"name": "CVE-2020-2779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2779"
},
{
"name": "CVE-2020-2892",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2892"
},
{
"name": "CVE-2020-2896",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2896"
},
{
"name": "CVE-2020-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2804"
},
{
"name": "CVE-2020-2895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2895"
},
{
"name": "CVE-2020-2930",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2930"
},
{
"name": "CVE-2020-2814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2814"
},
{
"name": "CVE-2020-2759",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2759"
},
{
"name": "CVE-2020-2763",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2763"
},
{
"name": "CVE-2020-14550",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14550"
},
{
"name": "CVE-2020-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14567"
},
{
"name": "CVE-2020-14559",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14559"
},
{
"name": "CVE-2020-14576",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14576"
},
{
"name": "CVE-2020-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14540"
},
{
"name": "CVE-2020-14547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14547"
},
{
"name": "CVE-2020-14553",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14553"
},
{
"name": "CVE-2020-14539",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14539"
},
{
"name": "CVE-2020-14845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14845"
},
{
"name": "CVE-2020-14799",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14799"
},
{
"name": "CVE-2020-14793",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14793"
},
{
"name": "CVE-2020-14888",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14888"
},
{
"name": "CVE-2020-14790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14790"
},
{
"name": "CVE-2020-14789",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14789"
},
{
"name": "CVE-2020-14672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14672"
},
{
"name": "CVE-2020-14846",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14846"
},
{
"name": "CVE-2020-14771",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14771"
},
{
"name": "CVE-2020-14873",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14873"
},
{
"name": "CVE-2020-14791",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14791"
},
{
"name": "CVE-2020-14769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14769"
},
{
"name": "CVE-2020-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14844"
},
{
"name": "CVE-2020-14809",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14809"
},
{
"name": "CVE-2020-14860",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14860"
},
{
"name": "CVE-2020-14866",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14866"
},
{
"name": "CVE-2020-14861",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14861"
},
{
"name": "CVE-2020-14773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14773"
},
{
"name": "CVE-2020-14776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14776"
},
{
"name": "CVE-2020-14852",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14852"
},
{
"name": "CVE-2020-14760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14760"
},
{
"name": "CVE-2020-14870",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14870"
},
{
"name": "CVE-2020-14837",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14837"
},
{
"name": "CVE-2020-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14893"
},
{
"name": "CVE-2020-14836",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14836"
},
{
"name": "CVE-2020-14829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14829"
},
{
"name": "CVE-2020-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14868"
},
{
"name": "CVE-2020-14827",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14827"
},
{
"name": "CVE-2020-14839",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14839"
},
{
"name": "CVE-2020-14777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14777"
},
{
"name": "CVE-2020-14812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14812"
},
{
"name": "CVE-2020-14775",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14775"
},
{
"name": "CVE-2020-14838",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14838"
},
{
"name": "CVE-2020-14869",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14869"
},
{
"name": "CVE-2020-14765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14765"
},
{
"name": "CVE-2020-14814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14814"
},
{
"name": "CVE-2020-14821",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14821"
},
{
"name": "CVE-2020-14830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14830"
},
{
"name": "CVE-2020-14828",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14828"
},
{
"name": "CVE-2020-14804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14804"
},
{
"name": "CVE-2020-14800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14800"
},
{
"name": "CVE-2020-14891",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14891"
},
{
"name": "CVE-2020-14848",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14848"
},
{
"name": "CVE-2020-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14867"
},
{
"name": "CVE-2020-14785",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14785"
},
{
"name": "CVE-2020-14794",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14794"
},
{
"name": "CVE-2020-14786",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14786"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-2010",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2010"
},
{
"name": "CVE-2021-2001",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2001"
},
{
"name": "CVE-2021-2060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2060"
},
{
"name": "CVE-2021-2014",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2014"
},
{
"name": "CVE-2021-2032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2032"
},
{
"name": "CVE-2021-2036",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2036"
},
{
"name": "CVE-2021-2007",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2007"
},
{
"name": "CVE-2021-2011",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2011"
},
{
"name": "CVE-2021-2022",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2022"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2021-2308",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2308"
},
{
"name": "CVE-2021-2213",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2213"
},
{
"name": "CVE-2021-2172",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2172"
},
{
"name": "CVE-2021-2293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2293"
},
{
"name": "CVE-2021-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2208"
},
{
"name": "CVE-2021-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2196"
},
{
"name": "CVE-2021-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2194"
},
{
"name": "CVE-2021-2298",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2298"
},
{
"name": "CVE-2021-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2162"
},
{
"name": "CVE-2021-2179",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2179"
},
{
"name": "CVE-2021-2307",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2307"
},
{
"name": "CVE-2021-2217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2217"
},
{
"name": "CVE-2021-2180",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2180"
},
{
"name": "CVE-2021-2203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2203"
},
{
"name": "CVE-2021-2144",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2144"
},
{
"name": "CVE-2021-2226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2226"
},
{
"name": "CVE-2021-2232",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2232"
},
{
"name": "CVE-2021-2169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2169"
},
{
"name": "CVE-2021-2301",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2301"
},
{
"name": "CVE-2021-2202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2202"
},
{
"name": "CVE-2021-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2166"
},
{
"name": "CVE-2021-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2174"
},
{
"name": "CVE-2021-2154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2154"
},
{
"name": "CVE-2021-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2193"
},
{
"name": "CVE-2021-2300",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2300"
},
{
"name": "CVE-2021-2299",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2299"
},
{
"name": "CVE-2021-2212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2212"
},
{
"name": "CVE-2021-2178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2178"
},
{
"name": "CVE-2021-2146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2146"
},
{
"name": "CVE-2021-2230",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2230"
},
{
"name": "CVE-2021-2278",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2278"
},
{
"name": "CVE-2021-2164",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2164"
},
{
"name": "CVE-2021-2201",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2201"
},
{
"name": "CVE-2021-2170",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2170"
},
{
"name": "CVE-2021-2304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2304"
},
{
"name": "CVE-2021-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2160"
},
{
"name": "CVE-2021-2171",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2171"
},
{
"name": "CVE-2021-2305",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2305"
},
{
"name": "CVE-2021-2215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2215"
},
{
"name": "CVE-2021-25214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25214"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2021-2370",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2370"
},
{
"name": "CVE-2021-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
},
{
"name": "CVE-2021-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2444"
},
{
"name": "CVE-2021-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2429"
},
{
"name": "CVE-2021-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2426"
},
{
"name": "CVE-2021-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2427"
},
{
"name": "CVE-2021-2339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2339"
},
{
"name": "CVE-2021-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2425"
},
{
"name": "CVE-2021-2387",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2387"
},
{
"name": "CVE-2021-2383",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2383"
},
{
"name": "CVE-2021-2372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
},
{
"name": "CVE-2021-2399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2399"
},
{
"name": "CVE-2021-2384",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2384"
},
{
"name": "CVE-2021-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2412"
},
{
"name": "CVE-2021-2441",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2441"
},
{
"name": "CVE-2021-2410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2410"
},
{
"name": "CVE-2021-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
},
{
"name": "CVE-2021-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2437"
},
{
"name": "CVE-2021-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2417"
},
{
"name": "CVE-2021-2424",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2424"
},
{
"name": "CVE-2021-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
},
{
"name": "CVE-2021-2357",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2357"
},
{
"name": "CVE-2021-2352",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2352"
},
{
"name": "CVE-2021-2402",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2402"
},
{
"name": "CVE-2021-2440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2440"
},
{
"name": "CVE-2021-2340",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2340"
},
{
"name": "CVE-2021-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
},
{
"name": "CVE-2021-2374",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2374"
},
{
"name": "CVE-2021-2356",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2356"
},
{
"name": "CVE-2021-2411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2411"
},
{
"name": "CVE-2021-2418",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2418"
},
{
"name": "CVE-2021-2367",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2367"
},
{
"name": "CVE-2021-2354",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2354"
},
{
"name": "CVE-2021-2422",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2422"
},
{
"name": "CVE-2020-10543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
},
{
"name": "CVE-2020-12723",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2020-28500",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2021-35640",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35640"
},
{
"name": "CVE-2021-35626",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35626"
},
{
"name": "CVE-2021-2478",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2478"
},
{
"name": "CVE-2021-35624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35624"
},
{
"name": "CVE-2021-35583",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35583"
},
{
"name": "CVE-2021-35628",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35628"
},
{
"name": "CVE-2021-35630",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35630"
},
{
"name": "CVE-2021-35644",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35644"
},
{
"name": "CVE-2021-2479",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2479"
},
{
"name": "CVE-2021-35638",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35638"
},
{
"name": "CVE-2021-35646",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35646"
},
{
"name": "CVE-2021-35596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35596"
},
{
"name": "CVE-2021-35643",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35643"
},
{
"name": "CVE-2021-35637",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35637"
},
{
"name": "CVE-2021-35623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35623"
},
{
"name": "CVE-2021-35632",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35632"
},
{
"name": "CVE-2021-35641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35641"
},
{
"name": "CVE-2021-35604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35604"
},
{
"name": "CVE-2021-35636",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35636"
},
{
"name": "CVE-2021-35546",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35546"
},
{
"name": "CVE-2021-35627",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35627"
},
{
"name": "CVE-2021-35625",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35625"
},
{
"name": "CVE-2021-35608",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35608"
},
{
"name": "CVE-2021-35597",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35597"
},
{
"name": "CVE-2021-35537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35537"
},
{
"name": "CVE-2021-2481",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2481"
},
{
"name": "CVE-2021-35622",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35622"
},
{
"name": "CVE-2021-35610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35610"
},
{
"name": "CVE-2021-35633",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35633"
},
{
"name": "CVE-2021-35634",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35634"
},
{
"name": "CVE-2021-35629",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35629"
},
{
"name": "CVE-2021-35631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35631"
},
{
"name": "CVE-2021-35645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35645"
},
{
"name": "CVE-2021-35647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35647"
},
{
"name": "CVE-2021-35612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35612"
},
{
"name": "CVE-2021-35639",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35639"
},
{
"name": "CVE-2021-35648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35648"
},
{
"name": "CVE-2021-35607",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35607"
},
{
"name": "CVE-2021-35602",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35602"
},
{
"name": "CVE-2021-35577",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35577"
},
{
"name": "CVE-2021-35642",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35642"
},
{
"name": "CVE-2021-35575",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35575"
},
{
"name": "CVE-2021-35635",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35635"
},
{
"name": "CVE-2021-35591",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35591"
},
{
"name": "CVE-2021-25219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25219"
},
{
"name": "CVE-2021-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3875"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2022-21352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21352"
},
{
"name": "CVE-2022-21304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
},
{
"name": "CVE-2022-21254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21254"
},
{
"name": "CVE-2022-21265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21265"
},
{
"name": "CVE-2022-21348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21348"
},
{
"name": "CVE-2022-21372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21372"
},
{
"name": "CVE-2022-21245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
},
{
"name": "CVE-2022-21368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21368"
},
{
"name": "CVE-2022-21339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21339"
},
{
"name": "CVE-2022-21264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21264"
},
{
"name": "CVE-2022-21297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21297"
},
{
"name": "CVE-2022-21379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21379"
},
{
"name": "CVE-2022-21253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21253"
},
{
"name": "CVE-2022-21301",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21301"
},
{
"name": "CVE-2022-21378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21378"
},
{
"name": "CVE-2022-21370",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21370"
},
{
"name": "CVE-2022-21302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21302"
},
{
"name": "CVE-2022-21249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21249"
},
{
"name": "CVE-2022-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
},
{
"name": "CVE-2022-21270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
},
{
"name": "CVE-2022-21367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
},
{
"name": "CVE-2022-21342",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21342"
},
{
"name": "CVE-2022-21362",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21362"
},
{
"name": "CVE-2022-21303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
},
{
"name": "CVE-2022-21256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21256"
},
{
"name": "CVE-2022-21358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21358"
},
{
"name": "CVE-2022-21374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21374"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2021-4193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4193"
},
{
"name": "CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2022-0213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0213"
},
{
"name": "CVE-2022-21418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21418"
},
{
"name": "CVE-2022-21412",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21412"
},
{
"name": "CVE-2022-21437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21437"
},
{
"name": "CVE-2022-21478",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21478"
},
{
"name": "CVE-2022-21479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21479"
},
{
"name": "CVE-2022-21438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21438"
},
{
"name": "CVE-2022-21440",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21440"
},
{
"name": "CVE-2022-21451",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21451"
},
{
"name": "CVE-2022-21427",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21427"
},
{
"name": "CVE-2022-21415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21415"
},
{
"name": "CVE-2022-21459",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21459"
},
{
"name": "CVE-2022-21460",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21460"
},
{
"name": "CVE-2022-21414",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21414"
},
{
"name": "CVE-2022-21413",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21413"
},
{
"name": "CVE-2022-21436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21436"
},
{
"name": "CVE-2022-21435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21435"
},
{
"name": "CVE-2022-21462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21462"
},
{
"name": "CVE-2022-21444",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21444"
},
{
"name": "CVE-2022-21417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21417"
},
{
"name": "CVE-2022-21457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21457"
},
{
"name": "CVE-2022-21425",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21425"
},
{
"name": "CVE-2022-21452",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21452"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2021-4122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2022-21525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21525"
},
{
"name": "CVE-2022-21537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21537"
},
{
"name": "CVE-2022-21455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21455"
},
{
"name": "CVE-2022-21534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21534"
},
{
"name": "CVE-2022-21528",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21528"
},
{
"name": "CVE-2022-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21529"
},
{
"name": "CVE-2022-21531",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21531"
},
{
"name": "CVE-2022-21515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21515"
},
{
"name": "CVE-2022-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21538"
},
{
"name": "CVE-2022-21527",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21527"
},
{
"name": "CVE-2022-21517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21517"
},
{
"name": "CVE-2022-21539",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21539"
},
{
"name": "CVE-2022-21556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21556"
},
{
"name": "CVE-2022-21509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21509"
},
{
"name": "CVE-2022-21553",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21553"
},
{
"name": "CVE-2022-21530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21530"
},
{
"name": "CVE-2022-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21522"
},
{
"name": "CVE-2022-21547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21547"
},
{
"name": "CVE-2022-21569",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21569"
},
{
"name": "CVE-2022-21526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21526"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2022-0396",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0396"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-21592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21592"
},
{
"name": "CVE-2022-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21617"
},
{
"name": "CVE-2022-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21595"
},
{
"name": "CVE-2022-21608",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21608"
},
{
"name": "CVE-2022-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21589"
},
{
"name": "CVE-2023-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21863"
},
{
"name": "CVE-2023-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21873"
},
{
"name": "CVE-2023-21879",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21879"
},
{
"name": "CVE-2023-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21880"
},
{
"name": "CVE-2023-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21869"
},
{
"name": "CVE-2023-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21872"
},
{
"name": "CVE-2023-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21877"
},
{
"name": "CVE-2023-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21870"
},
{
"name": "CVE-2023-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21887"
},
{
"name": "CVE-2023-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21836"
},
{
"name": "CVE-2023-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21881"
},
{
"name": "CVE-2023-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21876"
},
{
"name": "CVE-2023-21840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21840"
},
{
"name": "CVE-2023-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21878"
},
{
"name": "CVE-2023-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21866"
},
{
"name": "CVE-2023-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21875"
},
{
"name": "CVE-2023-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21865"
},
{
"name": "CVE-2023-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21883"
},
{
"name": "CVE-2023-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21867"
},
{
"name": "CVE-2023-21874",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21874"
},
{
"name": "CVE-2023-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21871"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2023-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21963"
},
{
"name": "CVE-2023-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21977"
},
{
"name": "CVE-2023-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21912"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22053"
},
{
"name": "CVE-2023-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22007"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2023-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22097"
},
{
"name": "CVE-2023-22084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22084"
},
{
"name": "CVE-2023-22026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22026"
},
{
"name": "CVE-2023-22028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22028"
},
{
"name": "CVE-2023-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22015"
},
{
"name": "CVE-2023-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22103"
},
{
"name": "CVE-2023-22068",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22068"
},
{
"name": "CVE-2023-22078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22078"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-22059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22059"
},
{
"name": "CVE-2023-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22066"
},
{
"name": "CVE-2023-22114",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22114"
},
{
"name": "CVE-2023-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22070"
},
{
"name": "CVE-2023-22032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22032"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2021-22570",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22570"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2021-20193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-47100",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47100"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2022-27772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27772"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2023-52572",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-52757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-35790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2024-21137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21137"
},
{
"name": "CVE-2024-0760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0760"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2024-27402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2023-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5841"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2022-21454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21454"
},
{
"name": "CVE-2024-21193",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21193"
},
{
"name": "CVE-2024-21194",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21194"
},
{
"name": "CVE-2024-21196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21196"
},
{
"name": "CVE-2024-21197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21197"
},
{
"name": "CVE-2024-21198",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21198"
},
{
"name": "CVE-2024-21199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21199"
},
{
"name": "CVE-2024-21201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21201"
},
{
"name": "CVE-2024-21207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21207"
},
{
"name": "CVE-2024-21209",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21209"
},
{
"name": "CVE-2024-21212",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21212"
},
{
"name": "CVE-2024-21213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21213"
},
{
"name": "CVE-2024-21219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21219"
},
{
"name": "CVE-2024-21236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21236"
},
{
"name": "CVE-2024-21239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21239"
},
{
"name": "CVE-2024-21241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21241"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2024-10487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10487"
},
{
"name": "CVE-2024-10458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10458"
},
{
"name": "CVE-2024-10459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10459"
},
{
"name": "CVE-2024-10460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10460"
},
{
"name": "CVE-2024-10461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10461"
},
{
"name": "CVE-2024-10462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10462"
},
{
"name": "CVE-2024-10463",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10463"
},
{
"name": "CVE-2024-10464",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10464"
},
{
"name": "CVE-2024-10465",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10465"
},
{
"name": "CVE-2024-10466",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10466"
},
{
"name": "CVE-2024-10467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10467"
},
{
"name": "CVE-2024-10468",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10468"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2024-11395",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11395"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2024-50073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50073"
},
{
"name": "CVE-2024-11691",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11691"
},
{
"name": "CVE-2024-11692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11692"
},
{
"name": "CVE-2024-11693",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11693"
},
{
"name": "CVE-2024-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11694"
},
{
"name": "CVE-2024-11695",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11695"
},
{
"name": "CVE-2024-11696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11696"
},
{
"name": "CVE-2024-11697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11697"
},
{
"name": "CVE-2024-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11698"
},
{
"name": "CVE-2024-11699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11699"
},
{
"name": "CVE-2024-11700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11700"
},
{
"name": "CVE-2024-11701",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11701"
},
{
"name": "CVE-2024-11702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11702"
},
{
"name": "CVE-2024-11703",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11703"
},
{
"name": "CVE-2024-11704",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11704"
},
{
"name": "CVE-2024-11705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11705"
},
{
"name": "CVE-2024-11706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11706"
},
{
"name": "CVE-2024-11708",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11708"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2025-0237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0237"
},
{
"name": "CVE-2025-0238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0238"
},
{
"name": "CVE-2025-0239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0239"
},
{
"name": "CVE-2025-0240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0240"
},
{
"name": "CVE-2025-0241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0241"
},
{
"name": "CVE-2025-0242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0242"
},
{
"name": "CVE-2025-0243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0243"
},
{
"name": "CVE-2025-0245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0245"
},
{
"name": "CVE-2025-0247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0247"
},
{
"name": "CVE-2025-0434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0434"
},
{
"name": "CVE-2025-0435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0435"
},
{
"name": "CVE-2025-0436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0436"
},
{
"name": "CVE-2025-0437",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0437"
},
{
"name": "CVE-2025-0438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0438"
},
{
"name": "CVE-2025-0439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0439"
},
{
"name": "CVE-2025-0440",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0440"
},
{
"name": "CVE-2025-0441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0441"
},
{
"name": "CVE-2025-0442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0442"
},
{
"name": "CVE-2025-0443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0443"
},
{
"name": "CVE-2025-0446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0446"
},
{
"name": "CVE-2025-0447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0447"
},
{
"name": "CVE-2025-0448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0448"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-0612",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0612"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-0444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0444"
},
{
"name": "CVE-2025-0445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0445"
},
{
"name": "CVE-2025-0451",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0451"
},
{
"name": "CVE-2025-0762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0762"
},
{
"name": "CVE-2025-1009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1009"
},
{
"name": "CVE-2025-1010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1010"
},
{
"name": "CVE-2025-1011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1011"
},
{
"name": "CVE-2025-1012",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1012"
},
{
"name": "CVE-2025-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1013"
},
{
"name": "CVE-2025-1014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1014"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1016"
},
{
"name": "CVE-2025-1017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1017"
},
{
"name": "CVE-2025-1018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1018"
},
{
"name": "CVE-2025-1019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1019"
},
{
"name": "CVE-2025-1020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1020"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2024-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
},
{
"name": "CVE-2024-53203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
},
{
"name": "CVE-2024-53128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
},
{
"name": "CVE-2025-0995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0995"
},
{
"name": "CVE-2025-0996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0996"
},
{
"name": "CVE-2025-0997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0997"
},
{
"name": "CVE-2025-0998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0998"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-1414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1414"
},
{
"name": "CVE-2025-0999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0999"
},
{
"name": "CVE-2025-1006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1006"
},
{
"name": "CVE-2025-1426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1426"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2023-39017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39017"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-1914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1914"
},
{
"name": "CVE-2025-1915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1915"
},
{
"name": "CVE-2025-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1916"
},
{
"name": "CVE-2025-1917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1917"
},
{
"name": "CVE-2025-1918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1918"
},
{
"name": "CVE-2025-1919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1919"
},
{
"name": "CVE-2025-1921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1921"
},
{
"name": "CVE-2025-1922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1922"
},
{
"name": "CVE-2025-1923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1923"
},
{
"name": "CVE-2025-1930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1930"
},
{
"name": "CVE-2025-1931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1931"
},
{
"name": "CVE-2025-1932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1932"
},
{
"name": "CVE-2025-1933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1933"
},
{
"name": "CVE-2025-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1934"
},
{
"name": "CVE-2025-1935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1935"
},
{
"name": "CVE-2025-1936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1936"
},
{
"name": "CVE-2025-1937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1937"
},
{
"name": "CVE-2025-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1938"
},
{
"name": "CVE-2025-1939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1939"
},
{
"name": "CVE-2025-1940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1940"
},
{
"name": "CVE-2025-1941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1941"
},
{
"name": "CVE-2025-1942",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1942"
},
{
"name": "CVE-2025-1943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1943"
},
{
"name": "CVE-2025-1920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1920"
},
{
"name": "CVE-2025-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2135"
},
{
"name": "CVE-2025-2136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2136"
},
{
"name": "CVE-2025-2137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2137"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2024-45772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45772"
},
{
"name": "CVE-2025-2476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2476"
},
{
"name": "CVE-2025-2857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2857"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-2783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2783"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2025-3066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3066"
},
{
"name": "CVE-2025-3067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3067"
},
{
"name": "CVE-2025-3068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3068"
},
{
"name": "CVE-2025-3071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3071"
},
{
"name": "CVE-2025-3072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3072"
},
{
"name": "CVE-2025-3073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3073"
},
{
"name": "CVE-2025-3074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3074"
},
{
"name": "CVE-2025-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3028"
},
{
"name": "CVE-2025-3029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3029"
},
{
"name": "CVE-2025-3030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3030"
},
{
"name": "CVE-2025-3031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3031"
},
{
"name": "CVE-2025-3032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3032"
},
{
"name": "CVE-2025-3033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3033"
},
{
"name": "CVE-2025-3034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3034"
},
{
"name": "CVE-2025-3035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3035"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2025-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3608"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2025-21588",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21588"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3619"
},
{
"name": "CVE-2025-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3620"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2025-4050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4050"
},
{
"name": "CVE-2025-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4051"
},
{
"name": "CVE-2025-4052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4052"
},
{
"name": "CVE-2025-4096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4096"
},
{
"name": "CVE-2025-2817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2817"
},
{
"name": "CVE-2025-4082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4082"
},
{
"name": "CVE-2025-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4083"
},
{
"name": "CVE-2025-4085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4085"
},
{
"name": "CVE-2025-4087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4087"
},
{
"name": "CVE-2025-4088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4088"
},
{
"name": "CVE-2025-4089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4089"
},
{
"name": "CVE-2025-4090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4090"
},
{
"name": "CVE-2025-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4091"
},
{
"name": "CVE-2025-4092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4092"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2025-29087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29087"
},
{
"name": "CVE-2025-3277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3277"
},
{
"name": "CVE-2025-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4609"
},
{
"name": "CVE-2025-4664",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4664"
},
{
"name": "CVE-2025-4372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4372"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-4918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4918"
},
{
"name": "CVE-2025-4919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4919"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2025-5063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5063"
},
{
"name": "CVE-2025-5064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5064"
},
{
"name": "CVE-2025-5065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5065"
},
{
"name": "CVE-2025-5066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5066"
},
{
"name": "CVE-2025-5067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5067"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-5263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5263"
},
{
"name": "CVE-2025-5264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5264"
},
{
"name": "CVE-2025-5265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5265"
},
{
"name": "CVE-2025-5266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5266"
},
{
"name": "CVE-2025-5267",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5267"
},
{
"name": "CVE-2025-5268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5268"
},
{
"name": "CVE-2025-5270",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5270"
},
{
"name": "CVE-2025-5271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5271"
},
{
"name": "CVE-2025-5272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5272"
},
{
"name": "CVE-2025-5281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5281"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2025-37964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2025-37991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
},
{
"name": "CVE-2025-5068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5068"
},
{
"name": "CVE-2025-5419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5419"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-49709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49709"
},
{
"name": "CVE-2025-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49710"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-5958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5958"
},
{
"name": "CVE-2025-5959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5959"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-6191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6191"
},
{
"name": "CVE-2025-6192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6192"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2023-42366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
},
{
"name": "CVE-2025-6424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6424"
},
{
"name": "CVE-2025-6425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6425"
},
{
"name": "CVE-2025-6426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6426"
},
{
"name": "CVE-2025-6427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6427"
},
{
"name": "CVE-2025-6429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6429"
},
{
"name": "CVE-2025-6430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6430"
},
{
"name": "CVE-2025-6432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6432"
},
{
"name": "CVE-2025-6433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6433"
},
{
"name": "CVE-2025-6434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6434"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2025-6555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6555"
},
{
"name": "CVE-2025-6556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6556"
},
{
"name": "CVE-2025-6557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6557"
},
{
"name": "CVE-2025-6435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6435"
},
{
"name": "CVE-2025-6436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6436"
},
{
"name": "CVE-2025-6554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6554"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-6558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6558"
},
{
"name": "CVE-2025-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7656"
},
{
"name": "CVE-2025-7657",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7657"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2022-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
},
{
"name": "CVE-2020-16156",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16156"
},
{
"name": "CVE-2025-8010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8010"
},
{
"name": "CVE-2025-8011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8011"
},
{
"name": "CVE-2025-8027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8027"
},
{
"name": "CVE-2025-8028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8028"
},
{
"name": "CVE-2025-8029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8029"
},
{
"name": "CVE-2025-8030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8030"
},
{
"name": "CVE-2025-8031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8031"
},
{
"name": "CVE-2025-8032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8032"
},
{
"name": "CVE-2025-8033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8033"
},
{
"name": "CVE-2025-8034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8034"
},
{
"name": "CVE-2025-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8035"
},
{
"name": "CVE-2025-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8036"
},
{
"name": "CVE-2025-8037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8037"
},
{
"name": "CVE-2025-8038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8038"
},
{
"name": "CVE-2025-8039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8039"
},
{
"name": "CVE-2025-8040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8040"
},
{
"name": "CVE-2025-8041",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8041"
},
{
"name": "CVE-2025-8043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8043"
},
{
"name": "CVE-2025-8044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8044"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-8292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8292"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2025-8576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8576"
},
{
"name": "CVE-2025-8577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8577"
},
{
"name": "CVE-2025-8578",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8578"
},
{
"name": "CVE-2025-8579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8579"
},
{
"name": "CVE-2025-8580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8580"
},
{
"name": "CVE-2025-8581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8581"
},
{
"name": "CVE-2025-8582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8582"
},
{
"name": "CVE-2025-8583",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8583"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2025-8879",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8879"
},
{
"name": "CVE-2025-8880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8880"
},
{
"name": "CVE-2025-8881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8881"
},
{
"name": "CVE-2025-8882",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8882"
},
{
"name": "CVE-2025-8901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8901"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2025-7339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2025-9132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9132"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2024-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2005-2541",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-2541"
},
{
"name": "CVE-2008-5727",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5727"
},
{
"name": "CVE-2008-5728",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5728"
},
{
"name": "CVE-2008-5729",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5729"
},
{
"name": "CVE-2008-5730",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5730"
},
{
"name": "CVE-2008-5742",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5742"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2015-2214",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2214"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2016-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2149"
},
{
"name": "CVE-2016-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2160"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2017-12195",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12195"
},
{
"name": "CVE-2017-12629",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12629"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2018-1000169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000169"
},
{
"name": "CVE-2018-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1196"
},
{
"name": "CVE-2018-1273",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1273"
},
{
"name": "CVE-2019-10782",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10782"
},
{
"name": "CVE-2019-9658",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9658"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2021-20298",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20298"
},
{
"name": "CVE-2021-20304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20304"
},
{
"name": "CVE-2021-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22055"
},
{
"name": "CVE-2021-23169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23169"
},
{
"name": "CVE-2021-3236",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3236"
},
{
"name": "CVE-2022-0635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0635"
},
{
"name": "CVE-2022-0667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0667"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2023-39810",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39810"
},
{
"name": "CVE-2023-4156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4156"
},
{
"name": "CVE-2023-4320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4320"
},
{
"name": "CVE-2023-43785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43785"
},
{
"name": "CVE-2023-43786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43786"
},
{
"name": "CVE-2023-43787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43787"
},
{
"name": "CVE-2023-46129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46129"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2023-5189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5189"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2024-22047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22047"
},
{
"name": "CVE-2024-2397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2397"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-31047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31047"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2024-58251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2024-7012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7012"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2025-26519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26519"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2025-46392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46392"
},
{
"name": "CVE-2025-46394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2025-5115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2025-8262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8262"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-9179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9179"
},
{
"name": "CVE-2025-9180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9180"
},
{
"name": "CVE-2025-9181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9181"
},
{
"name": "CVE-2025-9182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9182"
},
{
"name": "CVE-2025-9183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9183"
},
{
"name": "CVE-2025-9184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9184"
},
{
"name": "CVE-2025-9185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9185"
},
{
"name": "CVE-2025-9187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9187"
},
{
"name": "CVE-2025-9308",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9308"
}
],
"initial_release_date": "2025-09-05T00:00:00",
"last_revision_date": "2025-09-05T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0756",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36093",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36093"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36102",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36102"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36101",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36101"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36100",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36100"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36105",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36105"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36091",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36091"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36078",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36078"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36107",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36107"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36094",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36094"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36097",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36097"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-46",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36104"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36108",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36108"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36095",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36095"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-09",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36090"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36096",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36096"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36106",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36106"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36109",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36109"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36098",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36098"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36111"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36103",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36103"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36099",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36099"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36092",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36092"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36110",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36110"
}
]
}
msrc_cve-2025-47907
Vulnerability from csaf_microsoft
Published
2025-08-02 00:00
Modified
2025-09-03 22:18
Summary
Incorrect results returned from Rows.Scan in database/sql
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47907 Incorrect results returned from Rows.Scan in database/sql - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-47907.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Incorrect results returned from Rows.Scan in database/sql",
"tracking": {
"current_release_date": "2025-09-03T22:18:29.000Z",
"generator": {
"date": "2025-10-20T03:41:12.354Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-47907",
"initial_release_date": "2025-08-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-09-03T22:18:29.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 golang 1.24.5-1",
"product": {
"name": "\u003cazl3 golang 1.24.5-1",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 golang 1.24.5-1",
"product": {
"name": "azl3 golang 1.24.5-1",
"product_id": "20138"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 golang 1.18.8-8",
"product": {
"name": "\u003ccbl2 golang 1.18.8-8",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "cbl2 golang 1.18.8-8",
"product": {
"name": "cbl2 golang 1.18.8-8",
"product_id": "19755"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 golang 1.22.7-4",
"product": {
"name": "\u003ccbl2 golang 1.22.7-4",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "cbl2 golang 1.22.7-4",
"product": {
"name": "cbl2 golang 1.22.7-4",
"product_id": "20123"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 golang 1.23.11-1",
"product": {
"name": "\u003cazl3 golang 1.23.11-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 golang 1.23.11-1",
"product": {
"name": "azl3 golang 1.23.11-1",
"product_id": "20145"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 golang 1.22.7-5",
"product": {
"name": "\u003ccbl2 golang 1.22.7-5",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 golang 1.22.7-5",
"product": {
"name": "cbl2 golang 1.22.7-5",
"product_id": "20387"
}
}
],
"category": "product_name",
"name": "golang"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 golang 1.24.5-1 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 golang 1.24.5-1 as a component of Azure Linux 3.0",
"product_id": "20138-17084"
},
"product_reference": "20138",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 golang 1.18.8-8 as a component of CBL Mariner 2.0",
"product_id": "17086-5"
},
"product_reference": "5",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 golang 1.18.8-8 as a component of CBL Mariner 2.0",
"product_id": "19755-17086"
},
"product_reference": "19755",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 golang 1.22.7-4 as a component of CBL Mariner 2.0",
"product_id": "17086-4"
},
"product_reference": "4",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 golang 1.22.7-4 as a component of CBL Mariner 2.0",
"product_id": "20123-17086"
},
"product_reference": "20123",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 golang 1.23.11-1 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 golang 1.23.11-1 as a component of Azure Linux 3.0",
"product_id": "20145-17084"
},
"product_reference": "20145",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 golang 1.22.7-5 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 golang 1.22.7-5 as a component of CBL Mariner 2.0",
"product_id": "20387-17086"
},
"product_reference": "20387",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47907",
"notes": [
{
"category": "general",
"text": "Go",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20138-17084",
"19755-17086",
"20123-17086",
"20145-17084",
"20387-17086"
],
"known_affected": [
"17084-3",
"17086-5",
"17086-4",
"17084-2",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47907 Incorrect results returned from Rows.Scan in database/sql - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-47907.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-03T22:18:29.000Z",
"details": "1.24.6-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-09-03T22:18:29.000Z",
"details": "1.18.8-9:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-5"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-09-03T22:18:29.000Z",
"details": "1.22.7-5:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-4",
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-09-03T22:18:29.000Z",
"details": "1.23.12-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"17084-3",
"17086-5",
"17086-4",
"17084-2",
"17086-1"
]
}
],
"title": "Incorrect results returned from Rows.Scan in database/sql"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…