Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-61729 (GCVE-0-2025-61729)
Vulnerability from cvelistv5 – Published: 2025-12-02 18:54 – Updated: 2025-12-03 19:37
VLAI?
EPSS
Title
Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Summary
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | crypto/x509 |
Affected:
0 , < 1.24.11
(semver)
Affected: 1.25.0 , < 1.25.5 (semver) |
Credits
Philippe Antoine (Catena cyber)
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-61729",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T21:52:36.341575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T21:52:58.224Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "crypto/x509",
"product": "crypto/x509",
"programRoutines": [
{
"name": "Certificate.VerifyHostname"
},
{
"name": "Certificate.Verify"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.24.11",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.25.5",
"status": "affected",
"version": "1.25.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Philippe Antoine (Catena cyber)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T19:37:14.903Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/725920"
},
{
"url": "https://go.dev/issue/76445"
},
{
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"title": "Excessive resource consumption when printing error string for host certificate validation in crypto/x509"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-61729",
"datePublished": "2025-12-02T18:54:10.166Z",
"dateReserved": "2025-09-30T15:05:03.605Z",
"dateUpdated": "2025-12-03T19:37:14.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-61729\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-12-02T19:15:51.447\",\"lastModified\":\"2025-12-19T18:25:28.283\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.24.11\",\"matchCriteriaId\":\"F2E6FD2A-A487-4099-B91D-2429F286AC6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.25.0\",\"versionEndExcluding\":\"1.25.5\",\"matchCriteriaId\":\"39C03A37-B94B-46E4-B1C2-A70A870F8E53\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/725920\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/76445\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-4155\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-61729\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-02T21:52:36.341575Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-02T21:52:53.822Z\"}}], \"cna\": {\"title\": \"Excessive resource consumption when printing error string for host certificate validation in crypto/x509\", \"credits\": [{\"lang\": \"en\", \"value\": \"Philippe Antoine (Catena cyber)\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"crypto/x509\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.24.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.25.0\", \"lessThan\": \"1.25.5\", \"versionType\": \"semver\"}], \"packageName\": \"crypto/x509\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Certificate.VerifyHostname\"}, {\"name\": \"Certificate.Verify\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/725920\"}, {\"url\": \"https://go.dev/issue/76445\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2025-4155\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2025-12-03T19:37:14.903Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-61729\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-03T19:37:14.903Z\", \"dateReserved\": \"2025-09-30T15:05:03.605Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2025-12-02T18:54:10.166Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:0923
Vulnerability from csaf_redhat - Published: 2026-01-21 12:11 - Updated: 2026-01-22 17:38Summary
Red Hat Security Advisory: golang security update
Notes
Topic
An update for golang is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The golang packages provide the Go programming language compiler.
Security Fix(es):
* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0923",
"url": "https://access.redhat.com/errata/RHSA-2026:0923"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0923.json"
}
],
"title": "Red Hat Security Advisory: golang security update",
"tracking": {
"current_release_date": "2026-01-22T17:38:48+00:00",
"generator": {
"date": "2026-01-22T17:38:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2026:0923",
"initial_release_date": "2026-01-21T12:11:33+00:00",
"revision_history": [
{
"date": "2026-01-21T12:11:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-21T12:11:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-22T17:38:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.5-2.el9_7.aarch64",
"product": {
"name": "go-toolset-0:1.25.5-2.el9_7.aarch64",
"product_id": "go-toolset-0:1.25.5-2.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.5-2.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-2.el9_7.aarch64",
"product": {
"name": "golang-0:1.25.5-2.el9_7.aarch64",
"product_id": "golang-0:1.25.5-2.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-2.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.5-2.el9_7.aarch64",
"product": {
"name": "golang-bin-0:1.25.5-2.el9_7.aarch64",
"product_id": "golang-bin-0:1.25.5-2.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.5-2.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.5-2.el9_7.aarch64",
"product": {
"name": "golang-race-0:1.25.5-2.el9_7.aarch64",
"product_id": "golang-race-0:1.25.5-2.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.5-2.el9_7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.5-2.el9_7.ppc64le",
"product": {
"name": "go-toolset-0:1.25.5-2.el9_7.ppc64le",
"product_id": "go-toolset-0:1.25.5-2.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.5-2.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-2.el9_7.ppc64le",
"product": {
"name": "golang-0:1.25.5-2.el9_7.ppc64le",
"product_id": "golang-0:1.25.5-2.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-2.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.5-2.el9_7.ppc64le",
"product": {
"name": "golang-bin-0:1.25.5-2.el9_7.ppc64le",
"product_id": "golang-bin-0:1.25.5-2.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.5-2.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.5-2.el9_7.ppc64le",
"product": {
"name": "golang-race-0:1.25.5-2.el9_7.ppc64le",
"product_id": "golang-race-0:1.25.5-2.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.5-2.el9_7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.5-2.el9_7.x86_64",
"product": {
"name": "go-toolset-0:1.25.5-2.el9_7.x86_64",
"product_id": "go-toolset-0:1.25.5-2.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.5-2.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-2.el9_7.x86_64",
"product": {
"name": "golang-0:1.25.5-2.el9_7.x86_64",
"product_id": "golang-0:1.25.5-2.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-2.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.5-2.el9_7.x86_64",
"product": {
"name": "golang-bin-0:1.25.5-2.el9_7.x86_64",
"product_id": "golang-bin-0:1.25.5-2.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.5-2.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.5-2.el9_7.x86_64",
"product": {
"name": "golang-race-0:1.25.5-2.el9_7.x86_64",
"product_id": "golang-race-0:1.25.5-2.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.5-2.el9_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.5-2.el9_7.s390x",
"product": {
"name": "go-toolset-0:1.25.5-2.el9_7.s390x",
"product_id": "go-toolset-0:1.25.5-2.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.5-2.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-2.el9_7.s390x",
"product": {
"name": "golang-0:1.25.5-2.el9_7.s390x",
"product_id": "golang-0:1.25.5-2.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-2.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.5-2.el9_7.s390x",
"product": {
"name": "golang-bin-0:1.25.5-2.el9_7.s390x",
"product_id": "golang-bin-0:1.25.5-2.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.5-2.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.5-2.el9_7.s390x",
"product": {
"name": "golang-race-0:1.25.5-2.el9_7.s390x",
"product_id": "golang-race-0:1.25.5-2.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.5-2.el9_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.25.5-2.el9_7.src",
"product": {
"name": "golang-0:1.25.5-2.el9_7.src",
"product_id": "golang-0:1.25.5-2.el9_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-2.el9_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.25.5-2.el9_7.noarch",
"product": {
"name": "golang-docs-0:1.25.5-2.el9_7.noarch",
"product_id": "golang-docs-0:1.25.5-2.el9_7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.25.5-2.el9_7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.25.5-2.el9_7.noarch",
"product": {
"name": "golang-misc-0:1.25.5-2.el9_7.noarch",
"product_id": "golang-misc-0:1.25.5-2.el9_7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.25.5-2.el9_7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.25.5-2.el9_7.noarch",
"product": {
"name": "golang-src-0:1.25.5-2.el9_7.noarch",
"product_id": "golang-src-0:1.25.5-2.el9_7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.25.5-2.el9_7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.25.5-2.el9_7.noarch",
"product": {
"name": "golang-tests-0:1.25.5-2.el9_7.noarch",
"product_id": "golang-tests-0:1.25.5-2.el9_7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.25.5-2.el9_7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.5-2.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.aarch64"
},
"product_reference": "go-toolset-0:1.25.5-2.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.5-2.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.ppc64le"
},
"product_reference": "go-toolset-0:1.25.5-2.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.5-2.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.s390x"
},
"product_reference": "go-toolset-0:1.25.5-2.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.5-2.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.x86_64"
},
"product_reference": "go-toolset-0:1.25.5-2.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-2.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.aarch64"
},
"product_reference": "golang-0:1.25.5-2.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-2.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.ppc64le"
},
"product_reference": "golang-0:1.25.5-2.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-2.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.s390x"
},
"product_reference": "golang-0:1.25.5-2.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-2.el9_7.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.src"
},
"product_reference": "golang-0:1.25.5-2.el9_7.src",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-2.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.x86_64"
},
"product_reference": "golang-0:1.25.5-2.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.5-2.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.aarch64"
},
"product_reference": "golang-bin-0:1.25.5-2.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.5-2.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.ppc64le"
},
"product_reference": "golang-bin-0:1.25.5-2.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.5-2.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.s390x"
},
"product_reference": "golang-bin-0:1.25.5-2.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.5-2.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.x86_64"
},
"product_reference": "golang-bin-0:1.25.5-2.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.25.5-2.el9_7.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.5-2.el9_7.noarch"
},
"product_reference": "golang-docs-0:1.25.5-2.el9_7.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.25.5-2.el9_7.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.5-2.el9_7.noarch"
},
"product_reference": "golang-misc-0:1.25.5-2.el9_7.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.5-2.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.aarch64"
},
"product_reference": "golang-race-0:1.25.5-2.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.5-2.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.ppc64le"
},
"product_reference": "golang-race-0:1.25.5-2.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.5-2.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.s390x"
},
"product_reference": "golang-race-0:1.25.5-2.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.5-2.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.x86_64"
},
"product_reference": "golang-race-0:1.25.5-2.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.25.5-2.el9_7.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.5-2.el9_7.noarch"
},
"product_reference": "golang-src-0:1.25.5-2.el9_7.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.25.5-2.el9_7.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.5-2.el9_7.noarch"
},
"product_reference": "golang-tests-0:1.25.5-2.el9_7.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.5-2.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.5-2.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.5-2.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.5-2.el9_7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-21T12:11:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.5-2.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.5-2.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.5-2.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.5-2.el9_7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0923"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.5-2.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.5-2.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.5-2.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.5-2.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.5-2.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.5-2.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.5-2.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.5-2.el9_7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
}
]
}
RHSA-2026:0922
Vulnerability from csaf_redhat - Published: 2026-01-21 09:50 - Updated: 2026-01-22 17:38Summary
Red Hat Security Advisory: golang security update
Notes
Topic
An update for golang is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The golang packages provide the Go programming language compiler.
Security Fix(es):
* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0922",
"url": "https://access.redhat.com/errata/RHSA-2026:0922"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0922.json"
}
],
"title": "Red Hat Security Advisory: golang security update",
"tracking": {
"current_release_date": "2026-01-22T17:38:48+00:00",
"generator": {
"date": "2026-01-22T17:38:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2026:0922",
"initial_release_date": "2026-01-21T09:50:39+00:00",
"revision_history": [
{
"date": "2026-01-21T09:50:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-21T09:50:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-22T17:38:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.5-1.el10_1.aarch64",
"product": {
"name": "go-toolset-0:1.25.5-1.el10_1.aarch64",
"product_id": "go-toolset-0:1.25.5-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.5-1.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-1.el10_1.aarch64",
"product": {
"name": "golang-0:1.25.5-1.el10_1.aarch64",
"product_id": "golang-0:1.25.5-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-1.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.5-1.el10_1.aarch64",
"product": {
"name": "golang-bin-0:1.25.5-1.el10_1.aarch64",
"product_id": "golang-bin-0:1.25.5-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.5-1.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.5-1.el10_1.aarch64",
"product": {
"name": "golang-race-0:1.25.5-1.el10_1.aarch64",
"product_id": "golang-race-0:1.25.5-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.5-1.el10_1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.5-1.el10_1.ppc64le",
"product": {
"name": "go-toolset-0:1.25.5-1.el10_1.ppc64le",
"product_id": "go-toolset-0:1.25.5-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.5-1.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-1.el10_1.ppc64le",
"product": {
"name": "golang-0:1.25.5-1.el10_1.ppc64le",
"product_id": "golang-0:1.25.5-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-1.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.5-1.el10_1.ppc64le",
"product": {
"name": "golang-bin-0:1.25.5-1.el10_1.ppc64le",
"product_id": "golang-bin-0:1.25.5-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.5-1.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.5-1.el10_1.ppc64le",
"product": {
"name": "golang-race-0:1.25.5-1.el10_1.ppc64le",
"product_id": "golang-race-0:1.25.5-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.5-1.el10_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.5-1.el10_1.x86_64",
"product": {
"name": "go-toolset-0:1.25.5-1.el10_1.x86_64",
"product_id": "go-toolset-0:1.25.5-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.5-1.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-1.el10_1.x86_64",
"product": {
"name": "golang-0:1.25.5-1.el10_1.x86_64",
"product_id": "golang-0:1.25.5-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-1.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.5-1.el10_1.x86_64",
"product": {
"name": "golang-bin-0:1.25.5-1.el10_1.x86_64",
"product_id": "golang-bin-0:1.25.5-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.5-1.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.5-1.el10_1.x86_64",
"product": {
"name": "golang-race-0:1.25.5-1.el10_1.x86_64",
"product_id": "golang-race-0:1.25.5-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.5-1.el10_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.5-1.el10_1.s390x",
"product": {
"name": "go-toolset-0:1.25.5-1.el10_1.s390x",
"product_id": "go-toolset-0:1.25.5-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.5-1.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-1.el10_1.s390x",
"product": {
"name": "golang-0:1.25.5-1.el10_1.s390x",
"product_id": "golang-0:1.25.5-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-1.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.5-1.el10_1.s390x",
"product": {
"name": "golang-bin-0:1.25.5-1.el10_1.s390x",
"product_id": "golang-bin-0:1.25.5-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.5-1.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.5-1.el10_1.s390x",
"product": {
"name": "golang-race-0:1.25.5-1.el10_1.s390x",
"product_id": "golang-race-0:1.25.5-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.5-1.el10_1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.25.5-1.el10_1.src",
"product": {
"name": "golang-0:1.25.5-1.el10_1.src",
"product_id": "golang-0:1.25.5-1.el10_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-1.el10_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.25.5-1.el10_1.noarch",
"product": {
"name": "golang-docs-0:1.25.5-1.el10_1.noarch",
"product_id": "golang-docs-0:1.25.5-1.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.25.5-1.el10_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.25.5-1.el10_1.noarch",
"product": {
"name": "golang-misc-0:1.25.5-1.el10_1.noarch",
"product_id": "golang-misc-0:1.25.5-1.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.25.5-1.el10_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.25.5-1.el10_1.noarch",
"product": {
"name": "golang-src-0:1.25.5-1.el10_1.noarch",
"product_id": "golang-src-0:1.25.5-1.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.25.5-1.el10_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.25.5-1.el10_1.noarch",
"product": {
"name": "golang-tests-0:1.25.5-1.el10_1.noarch",
"product_id": "golang-tests-0:1.25.5-1.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.25.5-1.el10_1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.5-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.aarch64"
},
"product_reference": "go-toolset-0:1.25.5-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.5-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.ppc64le"
},
"product_reference": "go-toolset-0:1.25.5-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.5-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.s390x"
},
"product_reference": "go-toolset-0:1.25.5-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.5-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.x86_64"
},
"product_reference": "go-toolset-0:1.25.5-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.aarch64"
},
"product_reference": "golang-0:1.25.5-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.ppc64le"
},
"product_reference": "golang-0:1.25.5-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.s390x"
},
"product_reference": "golang-0:1.25.5-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-1.el10_1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.src"
},
"product_reference": "golang-0:1.25.5-1.el10_1.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.x86_64"
},
"product_reference": "golang-0:1.25.5-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.5-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.aarch64"
},
"product_reference": "golang-bin-0:1.25.5-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.5-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.ppc64le"
},
"product_reference": "golang-bin-0:1.25.5-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.5-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.s390x"
},
"product_reference": "golang-bin-0:1.25.5-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.5-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.x86_64"
},
"product_reference": "golang-bin-0:1.25.5-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.25.5-1.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-docs-0:1.25.5-1.el10_1.noarch"
},
"product_reference": "golang-docs-0:1.25.5-1.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.25.5-1.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-misc-0:1.25.5-1.el10_1.noarch"
},
"product_reference": "golang-misc-0:1.25.5-1.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.5-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.aarch64"
},
"product_reference": "golang-race-0:1.25.5-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.5-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.ppc64le"
},
"product_reference": "golang-race-0:1.25.5-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.5-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.s390x"
},
"product_reference": "golang-race-0:1.25.5-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.5-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.x86_64"
},
"product_reference": "golang-race-0:1.25.5-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.25.5-1.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-src-0:1.25.5-1.el10_1.noarch"
},
"product_reference": "golang-src-0:1.25.5-1.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.25.5-1.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-tests-0:1.25.5-1.el10_1.noarch"
},
"product_reference": "golang-tests-0:1.25.5-1.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.5-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.5-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.5-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.5-1.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-21T09:50:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.5-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.5-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.5-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.5-1.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0922"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.5-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.5-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.5-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.5-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.5-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.5-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.5-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.5-1.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
}
]
}
RHSA-2026:0921
Vulnerability from csaf_redhat - Published: 2026-01-21 10:01 - Updated: 2026-01-22 17:38Summary
Red Hat Security Advisory: go-toolset:rhel8 security update
Notes
Topic
An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0921",
"url": "https://access.redhat.com/errata/RHSA-2026:0921"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0921.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security update",
"tracking": {
"current_release_date": "2026-01-22T17:38:47+00:00",
"generator": {
"date": "2026-01-22T17:38:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2026:0921",
"initial_release_date": "2026-01-21T10:01:30+00:00",
"revision_history": [
{
"date": "2026-01-21T10:01:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-21T10:01:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-22T17:38:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"product": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src (go-toolset:rhel8)",
"product_id": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=src\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.src::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.src (go-toolset:rhel8)",
"product_id": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=src\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"product": {
"name": "golang-docs-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch (go-toolset:rhel8)",
"product_id": "golang-docs-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"product": {
"name": "golang-misc-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch (go-toolset:rhel8)",
"product_id": "golang-misc-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"product": {
"name": "golang-src-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch (go-toolset:rhel8)",
"product_id": "golang-src-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"product": {
"name": "golang-tests-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch (go-toolset:rhel8)",
"product_id": "golang-tests-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8)",
"product_id": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64 (go-toolset:rhel8)",
"product_id": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8)",
"product_id": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le (go-toolset:rhel8)",
"product_id": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le (go-toolset:rhel8)",
"product_id": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8)",
"product_id": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64 (go-toolset:rhel8)",
"product_id": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x (go-toolset:rhel8)",
"product_id": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x (go-toolset:rhel8)",
"product_id": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.5-1.module%2Bel8.10.0%2B23901%2B9d60aaf1?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020260119042017:a3795dee"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8"
},
"product_reference": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8"
},
"product_reference": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.src::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8"
},
"product_reference": "golang-docs-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8"
},
"product_reference": "golang-misc-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8"
},
"product_reference": "golang-src-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8"
},
"product_reference": "golang-tests-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-21T10:01:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0921"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.5-1.module+el8.10.0+23901+9d60aaf1.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
}
]
}
RHSA-2026:1017
Vulnerability from csaf_redhat - Published: 2026-01-22 15:47 - Updated: 2026-01-22 17:38Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.3 security update
Notes
Topic
Important: Red Hat OpenShift GitOps v1.18.3 security update
Details
An update is now available for Red Hat OpenShift GitOps.
Bug Fix(es) and Enhancement(s):
* GITOPS-8239 (CVE-2025-47913 openshift-gitops-1/gitops-rhel8: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [gitops-1.18])
* GITOPS-8079 (CVE-2025-58183 openshift-gitops-1/argocd-rhel8: Unbounded allocation when parsing GNU sparse map [gitops-1.18])
* GITOPS-8082 (CVE-2025-58183 openshift-gitops-1/dex-rhel8: Unbounded allocation when parsing GNU sparse map [gitops-1.18])
* GITOPS-8522 (CVE-2025-68156 openshift-gitops-1/argocd-rhel8: Expr: Denial of Service via uncontrolled recursion in expression evaluation [gitops-1.18])
* GITOPS-8523 (CVE-2025-68156 openshift-gitops-1/argocd-rhel9: Expr: Denial of Service via uncontrolled recursion in expression evaluation [gitops-1.18])
* GITOPS-7849 (Cherry pick Repo Type Fix to Argo CD 3.1 stream)
* GITOPS-7992 (openshift-gitops-operator-metrics-monitor ServiceMonitor is attempting to use a bearerTokenFile configuration in its endpoints definition)
* GITOPS-8225 (RC 1.19.0-2 : haproxy replica remains 1 with HA upgrade)
* GITOPS-8249 (Prevent argoCD from automatically refreshing to gitops repository )
* GITOPS-8411 (CVE-2025-55190 still blocking due to github.com/argoproj/argo-cd/v2@v2.14.11 in gitops-rhel8:v1.18.1)
* GITOPS-8535 (Show All Namespaces or Current Namespace Only option)
* GITOPS-8591 (Reciving TargetDown after upgrading GitOps )
**Post-Upgrade Action Required: Audit GitOps Operator Roles**
Following this upgrade, we strongly recommend you run the provided audit script to review namespace-scoped access.
* The script identifies Roles/RoleBindings that grant cross-namespace access for the GitOps operator's features (created via .spec.sourceNamespaces).
* Run it to verify and confirm that only the intended namespaces have cross-namespace access to deploy applications.
For more details, refer to :
- https://github.com/redhat-developer/gitops-operator/tree/master/scripts/audit-namespace-roles
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Important: Red Hat OpenShift GitOps v1.18.3 security update",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for Red Hat OpenShift GitOps.\nBug Fix(es) and Enhancement(s):\n* GITOPS-8239 (CVE-2025-47913 openshift-gitops-1/gitops-rhel8: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [gitops-1.18])\n* GITOPS-8079 (CVE-2025-58183 openshift-gitops-1/argocd-rhel8: Unbounded allocation when parsing GNU sparse map [gitops-1.18])\n* GITOPS-8082 (CVE-2025-58183 openshift-gitops-1/dex-rhel8: Unbounded allocation when parsing GNU sparse map [gitops-1.18])\n* GITOPS-8522 (CVE-2025-68156 openshift-gitops-1/argocd-rhel8: Expr: Denial of Service via uncontrolled recursion in expression evaluation [gitops-1.18])\n* GITOPS-8523 (CVE-2025-68156 openshift-gitops-1/argocd-rhel9: Expr: Denial of Service via uncontrolled recursion in expression evaluation [gitops-1.18])\n* GITOPS-7849 (Cherry pick Repo Type Fix to Argo CD 3.1 stream)\n* GITOPS-7992 (openshift-gitops-operator-metrics-monitor ServiceMonitor is attempting to use a bearerTokenFile configuration in its endpoints definition)\n* GITOPS-8225 (RC 1.19.0-2 : haproxy replica remains 1 with HA upgrade)\n* GITOPS-8249 (Prevent argoCD from automatically refreshing to gitops repository )\n* GITOPS-8411 (CVE-2025-55190 still blocking due to github.com/argoproj/argo-cd/v2@v2.14.11 in gitops-rhel8:v1.18.1)\n* GITOPS-8535 (Show All Namespaces or Current Namespace Only option)\n* GITOPS-8591 (Reciving TargetDown after upgrading GitOps )\n\n**Post-Upgrade Action Required: Audit GitOps Operator Roles** \n\nFollowing this upgrade, we strongly recommend you run the provided audit script to review namespace-scoped access. \n * The script identifies Roles/RoleBindings that grant cross-namespace access for the GitOps operator\u0027s features (created via .spec.sourceNamespaces). \n * Run it to verify and confirm that only the intended namespaces have cross-namespace access to deploy applications. \n\nFor more details, refer to : \n - https://github.com/redhat-developer/gitops-operator/tree/master/scripts/audit-namespace-roles ",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1017",
"url": "https://access.redhat.com/errata/RHSA-2026:1017"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13888",
"url": "https://access.redhat.com/security/cve/CVE-2025-13888"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47913",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-55190",
"url": "https://access.redhat.com/security/cve/CVE-2025-55190"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68156",
"url": "https://access.redhat.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.18/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_gitops/1.18/"
},
{
"category": "external",
"summary": "https://github.com/redhat-developer/gitops-operator/tree/master/scripts/audit-namespace-roles",
"url": "https://github.com/redhat-developer/gitops-operator/tree/master/scripts/audit-namespace-roles"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1017.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.3 security update",
"tracking": {
"current_release_date": "2026-01-22T17:38:49+00:00",
"generator": {
"date": "2026-01-22T17:38:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2026:1017",
"initial_release_date": "2026-01-22T15:47:03+00:00",
"revision_history": [
{
"date": "2026-01-22T15:47:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-22T15:47:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-22T17:38:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.18",
"product": {
"name": "Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.18::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Addc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881087"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881232"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3A32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768880997"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3A779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881228"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Aae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768882111"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3Aed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768882258"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3A1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881034"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881033"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256%3Aa4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768883693"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768880947"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Ad529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881087"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3A0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881232"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3A1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768880997"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3A0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881228"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3A6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768882111"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3Aa0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768882258"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3A7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881034"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881033"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768880947"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3Af87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881087"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3Af8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881232"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3Aa621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768880997"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3A88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881228"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Ab6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768882111"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3Aab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768882258"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3A853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881034"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3A43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881033"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3A376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768880947"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256%3A58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881087"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256%3Aa333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881232"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-agent-rhel8@sha256%3Aa6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-extensions-rhel8@sha256%3A259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768880997"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256%3A6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881228"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256%3Abca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768882111"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256%3A792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768882258"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256%3A1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881034"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256%3Ae73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768881033"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x",
"product": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x",
"product_id": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256%3Ade7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1\u0026tag=1768880947"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64 as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x as a component of Red Hat OpenShift GitOps 1.18",
"product_id": "Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
},
"product_reference": "registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x",
"relates_to_product_reference": "Red Hat OpenShift GitOps 1.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-13888",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2025-12-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418361"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources (CRs) that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker can then use these elevated permissions to create privileged workloads that run on master nodes, effectively giving them root access to the entire cluster.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openshift-gitops-operator: OpenShift GitOps: Namespace Admin Cluster Takeover via Privileged Jobs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this vulnerability as Important instead of Critical. While full cluster compromise is possible, it requires the attacker to already possess authenticated namespace administrator credentials, reducing the attack surface to authorized internal users rather than external attackers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13888"
},
{
"category": "external",
"summary": "RHBZ#2418361",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418361"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13888"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13888",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13888"
},
{
"category": "external",
"summary": "https://github.com/redhat-developer/gitops-operator/commit/bc6ac3e03d7c8b3db5d8f1770c868396a4c2dcef",
"url": "https://github.com/redhat-developer/gitops-operator/commit/bc6ac3e03d7c8b3db5d8f1770c868396a4c2dcef"
},
{
"category": "external",
"summary": "https://github.com/redhat-developer/gitops-operator/pull/897",
"url": "https://github.com/redhat-developer/gitops-operator/pull/897"
},
{
"category": "external",
"summary": "https://github.com/redhat-developer/gitops-operator/releases/tag/v1.16.2",
"url": "https://github.com/redhat-developer/gitops-operator/releases/tag/v1.16.2"
}
],
"release_date": "2025-12-15T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T15:47:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1017"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openshift-gitops-operator: OpenShift GitOps: Namespace Admin Cluster Takeover via Privileged Jobs"
},
{
"cve": "CVE-2025-47913",
"discovery_date": "2025-11-13T22:01:26.092452+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "RHBZ#2414943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"category": "external",
"summary": "https://go.dev/cl/700295",
"url": "https://go.dev/cl/700295"
},
{
"category": "external",
"summary": "https://go.dev/issue/75178",
"url": "https://go.dev/issue/75178"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4116",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"release_date": "2025-11-13T21:29:39.907000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T15:47:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1017"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
},
{
"cve": "CVE-2025-55190",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"discovery_date": "2025-08-21T07:09:49.658000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2390026"
}
],
"notes": [
{
"category": "description",
"text": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. In versions 2.13.0 through 2.13.8, 2.14.0 through 2.14.15, 3.0.0 through 3.0.12 and 3.1.0-rc1 through 3.1.1, API tokens with project-level permissions are able to retrieve sensitive repository credentials (usernames, passwords) through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. This vulnerability does not only affect project-level permissions. Any token with project get permissions is also vulnerable, including global permissions such as: `p, role/user, projects, get, *, allow`. This issue is fixed in versions 2.13.9, 2.14.16, 3.0.14 and 3.1.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-cd: Project API Token Exposes Repository Credentials",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has Important impact as exploitation requires some privileges granted by the system. An attacker would either need the ability to create an API token (via having valid login credentials) or to have stolen an API token from a legitimate user. It does not grant full control over the system, attackers can only tamper with the project(s) associated with an API token.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55190"
},
{
"category": "external",
"summary": "RHBZ#2390026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2390026"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55190"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-786q-9hcg-v9ff",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-786q-9hcg-v9ff"
}
],
"release_date": "2025-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T15:47:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/argoproj/argo-cd: Project API Token Exposes Repository Credentials"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T15:47:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T15:47:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1017"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68156",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-16T19:01:42.049157+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2422891"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service (DoS) via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic and application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products utilizing the `Expr` Go library because it can lead to a denial-of-service. Exploitation requires an application to evaluate expressions against untrusted or insufficiently validated data structures containing deeply nested or cyclic references, which can cause a stack overflow and application crash. Products that do not process untrusted input with `Expr` are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "RHBZ#2422891",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422891"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68156"
},
{
"category": "external",
"summary": "https://github.com/expr-lang/expr/pull/870",
"url": "https://github.com/expr-lang/expr/pull/870"
},
{
"category": "external",
"summary": "https://github.com/expr-lang/expr/security/advisories/GHSA-cfpf-hrx2-8rv6",
"url": "https://github.com/expr-lang/expr/security/advisories/GHSA-cfpf-hrx2-8rv6"
}
],
"release_date": "2025-12-16T18:24:11.648000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T15:47:03+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1017"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications using the `Expr` library should ensure that evaluation environments do not contain cyclic references. Additionally, externally supplied data structures must be validated or sanitized before being passed to `Expr` for evaluation. As a last-resort defensive measure, expression evaluation can be wrapped with panic recovery to prevent a full process crash.",
"product_ids": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:58b596569b8de68d7474d949fd30d9a1666f1f08ea81e8264b9132263b61377b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:d529b4bbae3cfcf25ea91a29d3c9eb701ef6a3a54e6e0c0117c649f3e4dbe2dc_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:ddc27dbea59c611ffb5394114a6c754397cc0032ba3487a3f03041ed34cfce30_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8@sha256:f87ac5bb84230c4c34f5404adbc45347a295fb1e60095c2e4ad1e0ea126382b5_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:1ac33bdd539b1bf2033e27f3127badf1afd2d5fdeef9fd51f00feeffdd936f32_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:32ae33eb3d84b30020cb6732e5c84f76cbd2de6abdd7b42e72be887015c49d35_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a6141b3b5508dc9690ae15ebc3efd33a3fc71382a7dd449a954ffe181f8cd138_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-agent-rhel8@sha256:a621f4cfd83907d57317ce941f470ba4b0fb5d599aab38db936e591dde426404_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:0330e4aab6eb9d7c54417d2a6c5aaf959319eb1c811ab91085570295dc19b258_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:259bb75abc6b464d9badf8b110ab239232152010ada0c407241fab47ecbbae6e_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:571c6d9d4e84c6fcd278e13f15e71b527b618ac7d98c477c516d91e0097ba40c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8@sha256:8286093133d109fe0d852491fda66c66d893527f3364c587b6d09823088bcba6_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:0eb572fc96ae2e1973ce43515f03121965600bb09ef0b995eb467f5965c2246c_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:1438757fd131c12d8ae3a1edb5757bc63114b882d00563be2857917611008418_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:a333f6b8ae405b22c746a02bd38a125753a347e7e2c352ec690fa97388b3a40b_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel8@sha256:f8d8f51bd4aeba9dcfd4edad0720410d289ac0e7a2642c90128d506d69d42c77_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:0f883371ffee9d87547a4dc9524a35c5e6cce840a722bf3a01b1be3c1396fdb1_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:6e8d1e3c7bee9c2c2bee357af24bae34510fe6b87075b98f5be34e41dd70d152_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:779c33c3679e47ebca0af343ba6e26d2723cfc9affdcee4df54078ef68278016_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/argocd-rhel9@sha256:88d55cc7ec87db114cc60c9c7a67e9c6a69aae69c30a6c076bd94f239a84498c_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:6f16630ff37a5e18b5f8eee782edd6ada351a60b41fdab1bbfda27ebb297135a_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:ae7a2d5c703f6caa7d4facffe3c141bed9739b88967f5a832cf9005b2f815561_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:b6c961fab1178fcc25126ac214d0a7e15bf5738291e2e16c4e05ec320e54fcca_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/console-plugin-rhel8@sha256:bca47a6bb7edb70b24927ea02484c91bc4ce35cc8ebb24f5d68cb28193e77fda_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:792cbe51a6e0f80d9a97b5a6a538a36f756467624144ad3af2c2da53f85db68c_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:a0236e0cf364d15553a77f0c12f8f8c0bb12ebf2c49c43c68da4f3f28b93e781_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ab7de39ebdcc363fe61d919ebf430d6e533ddc108075c19f9c9e6d71938bfd6e_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/dex-rhel8@sha256:ed37ac2ef10a9107672556fe62e19020d470745a0ec04378ed840949c49a6234_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-operator-bundle@sha256:a4e9887db8647c4e958df4725f08340a9c6a462cd18fd2bf9c9f1fc939649740_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:10aa721d5a3c55fad979603898fa3b5d504c4911559b8615edfce9a5d0653ff0_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:3cde1fe9926ec2d6d7618cee7a053b1f66c8ebe1a5f6d9e097914b3d3d6f8ca1_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:43ba408b8ed58259bf338fd29260d936fbde9846f772d0580b3e7486ef8ea300_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator@sha256:e73fa4b644e17e520cc9836d4b235a5ae02e10a6a21addc2ae959832d4e08143_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1992f4b3414b6955295827e06e8e5e635f754eb3e0b52ca181e80add613d1ba4_s390x",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:1cbde70be8f1035b0f45b02e0663c28aa444ea5bc2c8bca580ff164dcfff4196_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:7fbb7d98b130e1dc6c9f5f440244a05bff22e34ab70f5e57e45d4b70e4e3f8da_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/gitops-rhel8@sha256:853107e7329e189ded3fc5ca657366e27010f468b1be813264efd9e2cf90c906_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:376ef09554debe6042424f2b4464922cf1aeb14d801fea5c81900d24ce028a39_ppc64le",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:4bb1a9bd246dac5d17ea6bb1556d7ebb87e794369f75913d3d197d2c55a48015_amd64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:54a92917be83722915ce05181652988342015eeb3e54fa3b4dd226d6fd493ccd_arm64",
"Red Hat OpenShift GitOps 1.18:registry.redhat.io/openshift-gitops-1/must-gather-rhel8@sha256:de7cde72fcb72eccc9f5ea89eed7094e4c976c3e331c48ef450339323a326da1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation"
}
]
}
CERTFR-2025-AVI-1138
Vulnerability from certfr_avis - Published: 2025-12-26 - Updated: 2025-12-26
De multiples vulnérabilités ont été découvertes dans VMware Tanzu Platform. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | AI Services pour Tanzu Platform versions antérieures à 10.3.2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "AI Services pour Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.2",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-62727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2025-62426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62426"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-62164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62164"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"name": "CVE-2025-34351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-34351"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2023-48022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48022"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2025-62593",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62593"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
}
],
"initial_release_date": "2025-12-26T00:00:00",
"last_revision_date": "2025-12-26T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1138",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-26T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu Platform. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu Platform",
"vendor_advisories": [
{
"published_at": "2025-12-25",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36640",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36640"
}
]
}
CERTFR-2025-AVI-1129
Vulnerability from certfr_avis - Published: 2025-12-19 - Updated: 2025-12-19
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Extended App Support pour Tanzu Platform versions antérieures à 1.0.11 | ||
| VMware | Tanzu Platform | Cloud Native Buildpacks pour Tanzu Platform versions antérieures à 0.6.1 | ||
| VMware | Tanzu Platform | Elastic Application Runtime pour Tanzu Platform versions antérieures à 10.3.2 | ||
| VMware | Tanzu Platform | Elastic Application Runtime pour Tanzu Platform versions antérieures à 10.2.6+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | .NET Core Buildpack versions antérieures à 2.4.72 | ||
| VMware | Tanzu Platform | Elastic Application Runtime pour Tanzu Platform versions antérieures à 6.0.23+LTS-T |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Extended App Support pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.11",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Native Buildpacks pour Tanzu Platform versions ant\u00e9rieures \u00e0 0.6.1",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.2",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.6+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": ".NET Core Buildpack versions ant\u00e9rieures \u00e0 2.4.72",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.23+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3573"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2025-64329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64329"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-27111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27111"
},
{
"name": "CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46727"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"name": "CVE-2024-3044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3044"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2020-7792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7792"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-66030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66030"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2024-12905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12905"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-25184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25184"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2025-58181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
},
{
"name": "CVE-2025-47914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
},
{
"name": "CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-12194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12194"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-59419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59419"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2025-57352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57352"
},
{
"name": "CVE-2025-32441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32441"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
}
],
"initial_release_date": "2025-12-19T00:00:00",
"last_revision_date": "2025-12-19T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1129",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-25",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36626"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36633",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36633"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36630",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36630"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36631",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36631"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-26",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36629"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36632",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36632"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-25",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36627"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-26",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36628"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36625",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36625"
}
]
}
CERTFR-2025-AVI-1078
Vulnerability from certfr_avis - Published: 2025-12-08 - Updated: 2025-12-08
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | cbl2 msft-golang 1.24.9-1 | ||
| Microsoft | N/A | cbl2 golang 1.22.7-5 | ||
| Microsoft | N/A | azl3 golang 1.23.12-1 | ||
| Microsoft | N/A | cbl2 python3 3.9.19-16 | ||
| Microsoft | N/A | cbl2 python-tensorboard 2.11.0-3 | ||
| Microsoft | N/A | cbl2 qt5-qtbase 5.12.11-18 | ||
| Microsoft | N/A | cbl2 reaper 3.1.1-21 | ||
| Microsoft | N/A | cbl2 python3 3.9.19-17 | ||
| Microsoft | N/A | azl3 python-tensorboard 2.16.2-6 | ||
| Microsoft | N/A | azl3 kernel 6.6.112.1-2 | ||
| Microsoft | N/A | cbl2 vim 9.1.1616-1 | ||
| Microsoft | N/A | cbl2 kernel 5.15.186.1-1 | ||
| Microsoft | N/A | azl3 tensorflow 2.16.1-9 | ||
| Microsoft | N/A | cbl2 gcc 11.2.0-8 | ||
| Microsoft | N/A | azl3 vim 9.1.1616-1 | ||
| Microsoft | N/A | azl3 golang 1.25.3-1 | ||
| Microsoft | N/A | azl3 pgbouncer 1.24.1-1 | ||
| Microsoft | N/A | cbl2 tensorflow 2.11.1-2 | ||
| Microsoft | N/A | azl3 libpng 1.6.40-1 versions antérieures à 1.6.52-1 | ||
| Microsoft | N/A | azl3 gcc 13.2.0-7 | ||
| Microsoft | N/A | azl3 python3 3.12.9-5 | ||
| Microsoft | N/A | cbl2 golang 1.18.8-10 | ||
| Microsoft | N/A | cbl2 reaper 3.1.1-19 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "cbl2 msft-golang 1.24.9-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 golang 1.22.7-5",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 golang 1.23.12-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 python3 3.9.19-16",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 python-tensorboard 2.11.0-3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 qt5-qtbase 5.12.11-18",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 reaper 3.1.1-21",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 python3 3.9.19-17",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 python-tensorboard 2.16.2-6",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 kernel 6.6.112.1-2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 vim 9.1.1616-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 kernel 5.15.186.1-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 tensorflow 2.16.1-9",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 gcc 11.2.0-8",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 vim 9.1.1616-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 golang 1.25.3-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 pgbouncer 1.24.1-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 tensorflow 2.11.1-2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 libpng 1.6.40-1 versions ant\u00e9rieures \u00e0 1.6.52-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 gcc 13.2.0-7",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 python3 3.12.9-5",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 golang 1.18.8-10",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 reaper 3.1.1-19",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-40254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40254"
},
{
"name": "CVE-2025-40219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40219"
},
{
"name": "CVE-2025-40240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40240"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2023-53209",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53209"
},
{
"name": "CVE-2025-40251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40251"
},
{
"name": "CVE-2025-13837",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13837"
},
{
"name": "CVE-2022-50304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50304"
},
{
"name": "CVE-2025-40245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40245"
},
{
"name": "CVE-2025-40233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40233"
},
{
"name": "CVE-2025-40242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40242"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2025-40252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40252"
},
{
"name": "CVE-2025-40218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40218"
},
{
"name": "CVE-2025-40220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40220"
},
{
"name": "CVE-2025-40257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40257"
},
{
"name": "CVE-2025-40263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40263"
},
{
"name": "CVE-2025-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
},
{
"name": "CVE-2025-66293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
},
{
"name": "CVE-2025-40250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40250"
},
{
"name": "CVE-2025-40264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40264"
},
{
"name": "CVE-2025-66476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66476"
},
{
"name": "CVE-2022-50303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50303"
},
{
"name": "CVE-2025-40243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40243"
},
{
"name": "CVE-2025-40266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40266"
},
{
"name": "CVE-2024-6485",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6485"
},
{
"name": "CVE-2025-12385",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12385"
},
{
"name": "CVE-2023-53231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53231"
},
{
"name": "CVE-2025-40247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40247"
},
{
"name": "CVE-2025-40215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
},
{
"name": "CVE-2025-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40217"
},
{
"name": "CVE-2025-40248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40248"
},
{
"name": "CVE-2025-40259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40259"
},
{
"name": "CVE-2025-40253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40253"
},
{
"name": "CVE-2025-12819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12819"
},
{
"name": "CVE-2025-40258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40258"
},
{
"name": "CVE-2025-34297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-34297"
},
{
"name": "CVE-2025-40262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40262"
},
{
"name": "CVE-2025-40261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40261"
},
{
"name": "CVE-2025-40244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40244"
},
{
"name": "CVE-2025-40223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40223"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
}
],
"initial_release_date": "2025-12-08T00:00:00",
"last_revision_date": "2025-12-08T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1078",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40254",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40254"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40257",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40257"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40245",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40245"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40258",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40258"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-50304",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-50304"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40219",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40219"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40233",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40233"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40244",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40244"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-53209",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-53209"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-61729",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-61729"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40262",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40262"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40253",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40253"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40223",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40223"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40217",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40217"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-6485",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6485"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40252",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40252"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40250",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40250"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40261",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40261"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40215",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40215"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40264",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40264"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40263",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40263"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-12084",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12084"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-12385",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12385"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-12819",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12819"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-61727",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-61727"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40242",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40242"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40259",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40259"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-50303",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-50303"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40243",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40243"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40251",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40251"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40247",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40247"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40220",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40220"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-66476",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-66476"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40240",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40240"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40248",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40248"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-13836",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13836"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-66293",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-66293"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-53231",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-53231"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40218",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40218"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-13837",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13837"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40266",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40266"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-34297",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-34297"
}
]
}
CERTFR-2025-AVI-1138
Vulnerability from certfr_avis - Published: 2025-12-26 - Updated: 2025-12-26
De multiples vulnérabilités ont été découvertes dans VMware Tanzu Platform. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | AI Services pour Tanzu Platform versions antérieures à 10.3.2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "AI Services pour Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.2",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-62727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2025-62426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62426"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-62164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62164"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"name": "CVE-2025-34351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-34351"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2023-48022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48022"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2025-62593",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62593"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
}
],
"initial_release_date": "2025-12-26T00:00:00",
"last_revision_date": "2025-12-26T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1138",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-26T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu Platform. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu Platform",
"vendor_advisories": [
{
"published_at": "2025-12-25",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36640",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36640"
}
]
}
CERTFR-2025-AVI-1129
Vulnerability from certfr_avis - Published: 2025-12-19 - Updated: 2025-12-19
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Extended App Support pour Tanzu Platform versions antérieures à 1.0.11 | ||
| VMware | Tanzu Platform | Cloud Native Buildpacks pour Tanzu Platform versions antérieures à 0.6.1 | ||
| VMware | Tanzu Platform | Elastic Application Runtime pour Tanzu Platform versions antérieures à 10.3.2 | ||
| VMware | Tanzu Platform | Elastic Application Runtime pour Tanzu Platform versions antérieures à 10.2.6+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | .NET Core Buildpack versions antérieures à 2.4.72 | ||
| VMware | Tanzu Platform | Elastic Application Runtime pour Tanzu Platform versions antérieures à 6.0.23+LTS-T |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Extended App Support pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.11",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Native Buildpacks pour Tanzu Platform versions ant\u00e9rieures \u00e0 0.6.1",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.2",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.6+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": ".NET Core Buildpack versions ant\u00e9rieures \u00e0 2.4.72",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.23+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3573"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2025-64329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64329"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-27111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27111"
},
{
"name": "CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46727"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"name": "CVE-2024-3044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3044"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2020-7792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7792"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-66030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66030"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2024-12905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12905"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-25184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25184"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2025-58181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
},
{
"name": "CVE-2025-47914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
},
{
"name": "CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-12194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12194"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-59419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59419"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2025-57352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57352"
},
{
"name": "CVE-2025-32441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32441"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
}
],
"initial_release_date": "2025-12-19T00:00:00",
"last_revision_date": "2025-12-19T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1129",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-25",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36626"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36633",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36633"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36630",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36630"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36631",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36631"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-26",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36629"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36632",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36632"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-25",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36627"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-26",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36628"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36625",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36625"
}
]
}
CERTFR-2025-AVI-1078
Vulnerability from certfr_avis - Published: 2025-12-08 - Updated: 2025-12-08
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | cbl2 msft-golang 1.24.9-1 | ||
| Microsoft | N/A | cbl2 golang 1.22.7-5 | ||
| Microsoft | N/A | azl3 golang 1.23.12-1 | ||
| Microsoft | N/A | cbl2 python3 3.9.19-16 | ||
| Microsoft | N/A | cbl2 python-tensorboard 2.11.0-3 | ||
| Microsoft | N/A | cbl2 qt5-qtbase 5.12.11-18 | ||
| Microsoft | N/A | cbl2 reaper 3.1.1-21 | ||
| Microsoft | N/A | cbl2 python3 3.9.19-17 | ||
| Microsoft | N/A | azl3 python-tensorboard 2.16.2-6 | ||
| Microsoft | N/A | azl3 kernel 6.6.112.1-2 | ||
| Microsoft | N/A | cbl2 vim 9.1.1616-1 | ||
| Microsoft | N/A | cbl2 kernel 5.15.186.1-1 | ||
| Microsoft | N/A | azl3 tensorflow 2.16.1-9 | ||
| Microsoft | N/A | cbl2 gcc 11.2.0-8 | ||
| Microsoft | N/A | azl3 vim 9.1.1616-1 | ||
| Microsoft | N/A | azl3 golang 1.25.3-1 | ||
| Microsoft | N/A | azl3 pgbouncer 1.24.1-1 | ||
| Microsoft | N/A | cbl2 tensorflow 2.11.1-2 | ||
| Microsoft | N/A | azl3 libpng 1.6.40-1 versions antérieures à 1.6.52-1 | ||
| Microsoft | N/A | azl3 gcc 13.2.0-7 | ||
| Microsoft | N/A | azl3 python3 3.12.9-5 | ||
| Microsoft | N/A | cbl2 golang 1.18.8-10 | ||
| Microsoft | N/A | cbl2 reaper 3.1.1-19 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "cbl2 msft-golang 1.24.9-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 golang 1.22.7-5",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 golang 1.23.12-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 python3 3.9.19-16",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 python-tensorboard 2.11.0-3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 qt5-qtbase 5.12.11-18",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 reaper 3.1.1-21",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 python3 3.9.19-17",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 python-tensorboard 2.16.2-6",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 kernel 6.6.112.1-2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 vim 9.1.1616-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 kernel 5.15.186.1-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 tensorflow 2.16.1-9",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 gcc 11.2.0-8",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 vim 9.1.1616-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 golang 1.25.3-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 pgbouncer 1.24.1-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 tensorflow 2.11.1-2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 libpng 1.6.40-1 versions ant\u00e9rieures \u00e0 1.6.52-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 gcc 13.2.0-7",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 python3 3.12.9-5",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 golang 1.18.8-10",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 reaper 3.1.1-19",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-40254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40254"
},
{
"name": "CVE-2025-40219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40219"
},
{
"name": "CVE-2025-40240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40240"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2023-53209",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53209"
},
{
"name": "CVE-2025-40251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40251"
},
{
"name": "CVE-2025-13837",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13837"
},
{
"name": "CVE-2022-50304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50304"
},
{
"name": "CVE-2025-40245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40245"
},
{
"name": "CVE-2025-40233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40233"
},
{
"name": "CVE-2025-40242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40242"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2025-40252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40252"
},
{
"name": "CVE-2025-40218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40218"
},
{
"name": "CVE-2025-40220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40220"
},
{
"name": "CVE-2025-40257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40257"
},
{
"name": "CVE-2025-40263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40263"
},
{
"name": "CVE-2025-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
},
{
"name": "CVE-2025-66293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
},
{
"name": "CVE-2025-40250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40250"
},
{
"name": "CVE-2025-40264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40264"
},
{
"name": "CVE-2025-66476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66476"
},
{
"name": "CVE-2022-50303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50303"
},
{
"name": "CVE-2025-40243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40243"
},
{
"name": "CVE-2025-40266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40266"
},
{
"name": "CVE-2024-6485",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6485"
},
{
"name": "CVE-2025-12385",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12385"
},
{
"name": "CVE-2023-53231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53231"
},
{
"name": "CVE-2025-40247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40247"
},
{
"name": "CVE-2025-40215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
},
{
"name": "CVE-2025-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40217"
},
{
"name": "CVE-2025-40248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40248"
},
{
"name": "CVE-2025-40259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40259"
},
{
"name": "CVE-2025-40253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40253"
},
{
"name": "CVE-2025-12819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12819"
},
{
"name": "CVE-2025-40258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40258"
},
{
"name": "CVE-2025-34297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-34297"
},
{
"name": "CVE-2025-40262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40262"
},
{
"name": "CVE-2025-40261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40261"
},
{
"name": "CVE-2025-40244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40244"
},
{
"name": "CVE-2025-40223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40223"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
}
],
"initial_release_date": "2025-12-08T00:00:00",
"last_revision_date": "2025-12-08T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1078",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40254",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40254"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40257",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40257"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40245",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40245"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40258",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40258"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-50304",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-50304"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40219",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40219"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40233",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40233"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40244",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40244"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-53209",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-53209"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-61729",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-61729"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40262",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40262"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40253",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40253"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40223",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40223"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40217",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40217"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-6485",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6485"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40252",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40252"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40250",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40250"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40261",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40261"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40215",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40215"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40264",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40264"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40263",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40263"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-12084",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12084"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-12385",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12385"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-12819",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-12819"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-61727",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-61727"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40242",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40242"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40259",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40259"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-50303",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-50303"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40243",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40243"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40251",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40251"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40247",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40247"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40220",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40220"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-66476",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-66476"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40240",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40240"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40248",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40248"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-13836",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13836"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-66293",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-66293"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-53231",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-53231"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40218",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40218"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-13837",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-13837"
},
{
"published_at": "2025-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-40266",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-40266"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-34297",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-34297"
}
]
}
GHSA-7C64-F9JR-V9H2
Vulnerability from github – Published: 2025-12-02 21:31 – Updated: 2025-12-03 00:30
VLAI?
Details
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2025-61729"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-02T19:15:51Z",
"severity": "HIGH"
},
"details": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"id": "GHSA-7c64-f9jr-v9h2",
"modified": "2025-12-03T00:30:28Z",
"published": "2025-12-02T21:31:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://go.dev/cl/725920"
},
{
"type": "WEB",
"url": "https://go.dev/issue/76445"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
SUSE-SU-2025:21192-1
Vulnerability from csaf_suse - Published: 2025-12-12 07:24 - Updated: 2025-12-12 07:24Summary
Security update for go1.25
Notes
Title of the patch
Security update for go1.25
Description of the patch
This update for go1.25 fixes the following issues:
Update to go1.25.5.
Security issues fixed:
- CVE-2025-61729: crypto/x509: excessive resource consumption in printing error string for host certificate validation
(bsc#1254431).
- CVE-2025-61727: crypto/x509: excluded subdomain constraint doesn't preclude wildcard SAN (bsc#1254430).
- CVE-2025-61725: net/mail: excessive CPU consumption in ParseAddress (bsc#1251253).
- CVE-2025-61724: net/textproto: excessive CPU consumption in Reader.ReadResponse (bsc#1251262).
- CVE-2025-61723: encoding/pem: quadratic complexity when parsing some invalid inputs (bsc#1251256).
- CVE-2025-58189: crypto/tls: ALPN negotiation error contains attacker controlled information (bsc#1251255).
- CVE-2025-58188: crypto/x509: panic when validating certificates with DSA public keys (bsc#1251260).
- CVE-2025-58187: crypto/x509: quadratic complexity when checking name constraints (bsc#1251254).
- CVE-2025-58186: net/http: lack of limit when parsing cookies can cause memory exhaustion (bsc#1251259).
- CVE-2025-58185: encoding/asn1: pre-allocating memory when parsing DER payload can cause memory exhaustion
(bsc#1251258).
- CVE-2025-58183: archive/tar: unbounded allocation when parsing GNU sparse map (bsc#1251261).
- CVE-2025-47912: net/url: insufficient validation of bracketed IPv6 hostnames (bsc#1251257).
- CVE-2025-47910: net/http: CrossOriginProtection insecure bypass patterns not limited to exact matches (bsc#1249141).
Other issues fixed and changes:
- Version 1.25.5:
* go#76245 mime: FormatMediaType and ParseMediaType not compatible across 1.24 to 1.25
* go#76360 os: on windows RemoveAll removing directories containing read-only files errors with unlinkat ... Access
is denied, ReOpenFile error handling followup
- Version 1.25.4:
* go#75480 cmd/link: linker panic and relocation errors with complex generics inlining
* go#75775 runtime: build fails when run via QEMU for linux/amd64 running on linux/arm64
* go#75790 crypto/internal/fips140/subtle: Go 1.25 subtle.xorBytes panic on MIPS
* go#75832 net/url: ipv4 mapped ipv6 addresses should be valid in square brackets
* go#75952 encoding/pem: regression when decoding blocks with leading garbage
* go#75989 os: on windows RemoveAll removing directories containing read-only files errors with unlinkat ... Access
is denied
* go#76010 cmd/compile: any(func(){})==any(func(){}) does not panic but should
* go#76029 pem/encoding: malformed line endings can cause panics
- Version 1.25.3:
* go#75861 crypto/x509: TLS validation fails for FQDNs with trailing dot
* go#75777 spec: Go1.25 spec should be dated closer to actual release date
- Version 1.25.2:
* go#75111 os, syscall: volume handles with FILE_FLAG_OVERLAPPED fail when calling ReadAt
* go#75116 os: Root.MkdirAll can return "file exists" when called concurrently on the same path
* go#75139 os: Root.OpenRoot sets incorrect name, losing prefix of original root
* go#75221 debug/pe: pe.Open fails on object files produced by llvm-mingw 21
* go#75255 cmd/compile: export to DWARF types only referenced through interfaces
* go#75347 testing/synctest: test timeout with no runnable goroutines
* go#75357 net: new test TestIPv4WriteMsgUDPAddrPortTargetAddrIPVersion fails on plan9
* go#75524 crypto/internal/fips140/rsa: requires a panic if self-tests fail
* go#75537 context: Err can return non-nil before Done channel is closed
* go#75539 net/http: internal error: connCount underflow
* go#75595 cmd/compile: internal compiler error with GOEXPERIMENT=cgocheck2 on github.com/leodido/go-urn
* go#75610 sync/atomic: comment for Uintptr.Or incorrectly describes return value
* go#75669 runtime: debug.decoratemappings don't work as expected
- Version 1.25.1:
* go#74822 cmd/go: "get toolchain@latest" should ignore release candidates
* go#74999 net: WriteMsgUDPAddrPort should accept IPv4-mapped IPv6 destination addresses on IPv4 UDP sockets
* go#75008 os/exec: TestLookPath fails on plan9 after CL 685755
* go#75021 testing/synctest: bubble not terminating
* go#75083 os: File.Seek doesn't set the correct offset with Windows overlapped handles
- Packaging: migrate from update-alternatives to libalternatives (bsc#1245878).
- Fix runtime condition for gcc/gcc7 dependency.
- Use at least gcc 7 for all architectures (bsc#1254227).
- Package svgpan.js to fix issues with "go tool pprof" (boo#1249985).
- Drop unused gccgo bootstrap code in go1.22+ (bsc#1248082).
Patchnames
SUSE-SLES-16.0-102
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.25",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.25 fixes the following issues:\n\nUpdate to go1.25.5.\n\nSecurity issues fixed:\n\n- CVE-2025-61729: crypto/x509: excessive resource consumption in printing error string for host certificate validation\n (bsc#1254431).\n- CVE-2025-61727: crypto/x509: excluded subdomain constraint doesn\u0027t preclude wildcard SAN (bsc#1254430).\n- CVE-2025-61725: net/mail: excessive CPU consumption in ParseAddress (bsc#1251253).\n- CVE-2025-61724: net/textproto: excessive CPU consumption in Reader.ReadResponse (bsc#1251262).\n- CVE-2025-61723: encoding/pem: quadratic complexity when parsing some invalid inputs (bsc#1251256).\n- CVE-2025-58189: crypto/tls: ALPN negotiation error contains attacker controlled information (bsc#1251255).\n- CVE-2025-58188: crypto/x509: panic when validating certificates with DSA public keys (bsc#1251260).\n- CVE-2025-58187: crypto/x509: quadratic complexity when checking name constraints (bsc#1251254).\n- CVE-2025-58186: net/http: lack of limit when parsing cookies can cause memory exhaustion (bsc#1251259).\n- CVE-2025-58185: encoding/asn1: pre-allocating memory when parsing DER payload can cause memory exhaustion\n (bsc#1251258).\n- CVE-2025-58183: archive/tar: unbounded allocation when parsing GNU sparse map (bsc#1251261).\n- CVE-2025-47912: net/url: insufficient validation of bracketed IPv6 hostnames (bsc#1251257).\n- CVE-2025-47910: net/http: CrossOriginProtection insecure bypass patterns not limited to exact matches (bsc#1249141).\n\nOther issues fixed and changes:\n\n- Version 1.25.5:\n * go#76245 mime: FormatMediaType and ParseMediaType not compatible across 1.24 to 1.25\n * go#76360 os: on windows RemoveAll removing directories containing read-only files errors with unlinkat ... Access\n is denied, ReOpenFile error handling followup\n\n- Version 1.25.4:\n * go#75480 cmd/link: linker panic and relocation errors with complex generics inlining\n * go#75775 runtime: build fails when run via QEMU for linux/amd64 running on linux/arm64\n * go#75790 crypto/internal/fips140/subtle: Go 1.25 subtle.xorBytes panic on MIPS\n * go#75832 net/url: ipv4 mapped ipv6 addresses should be valid in square brackets\n * go#75952 encoding/pem: regression when decoding blocks with leading garbage\n * go#75989 os: on windows RemoveAll removing directories containing read-only files errors with unlinkat ... Access\n is denied\n * go#76010 cmd/compile: any(func(){})==any(func(){}) does not panic but should\n * go#76029 pem/encoding: malformed line endings can cause panics\n\n- Version 1.25.3:\n * go#75861 crypto/x509: TLS validation fails for FQDNs with trailing dot\n * go#75777 spec: Go1.25 spec should be dated closer to actual release date\n\n- Version 1.25.2:\n * go#75111 os, syscall: volume handles with FILE_FLAG_OVERLAPPED fail when calling ReadAt\n * go#75116 os: Root.MkdirAll can return \"file exists\" when called concurrently on the same path\n * go#75139 os: Root.OpenRoot sets incorrect name, losing prefix of original root\n * go#75221 debug/pe: pe.Open fails on object files produced by llvm-mingw 21\n * go#75255 cmd/compile: export to DWARF types only referenced through interfaces\n * go#75347 testing/synctest: test timeout with no runnable goroutines\n * go#75357 net: new test TestIPv4WriteMsgUDPAddrPortTargetAddrIPVersion fails on plan9\n * go#75524 crypto/internal/fips140/rsa: requires a panic if self-tests fail\n * go#75537 context: Err can return non-nil before Done channel is closed\n * go#75539 net/http: internal error: connCount underflow\n * go#75595 cmd/compile: internal compiler error with GOEXPERIMENT=cgocheck2 on github.com/leodido/go-urn\n * go#75610 sync/atomic: comment for Uintptr.Or incorrectly describes return value\n * go#75669 runtime: debug.decoratemappings don\u0027t work as expected\n\n- Version 1.25.1:\n * go#74822 cmd/go: \"get toolchain@latest\" should ignore release candidates\n * go#74999 net: WriteMsgUDPAddrPort should accept IPv4-mapped IPv6 destination addresses on IPv4 UDP sockets\n * go#75008 os/exec: TestLookPath fails on plan9 after CL 685755\n * go#75021 testing/synctest: bubble not terminating\n * go#75083 os: File.Seek doesn\u0027t set the correct offset with Windows overlapped handles\n\n- Packaging: migrate from update-alternatives to libalternatives (bsc#1245878).\n- Fix runtime condition for gcc/gcc7 dependency.\n- Use at least gcc 7 for all architectures (bsc#1254227).\n- Package svgpan.js to fix issues with \"go tool pprof\" (boo#1249985).\n- Drop unused gccgo bootstrap code in go1.22+ (bsc#1248082).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-102",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_21192-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:21192-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202521192-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:21192-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023549.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244485",
"url": "https://bugzilla.suse.com/1244485"
},
{
"category": "self",
"summary": "SUSE Bug 1245878",
"url": "https://bugzilla.suse.com/1245878"
},
{
"category": "self",
"summary": "SUSE Bug 1247816",
"url": "https://bugzilla.suse.com/1247816"
},
{
"category": "self",
"summary": "SUSE Bug 1248082",
"url": "https://bugzilla.suse.com/1248082"
},
{
"category": "self",
"summary": "SUSE Bug 1249141",
"url": "https://bugzilla.suse.com/1249141"
},
{
"category": "self",
"summary": "SUSE Bug 1249985",
"url": "https://bugzilla.suse.com/1249985"
},
{
"category": "self",
"summary": "SUSE Bug 1251253",
"url": "https://bugzilla.suse.com/1251253"
},
{
"category": "self",
"summary": "SUSE Bug 1251254",
"url": "https://bugzilla.suse.com/1251254"
},
{
"category": "self",
"summary": "SUSE Bug 1251255",
"url": "https://bugzilla.suse.com/1251255"
},
{
"category": "self",
"summary": "SUSE Bug 1251256",
"url": "https://bugzilla.suse.com/1251256"
},
{
"category": "self",
"summary": "SUSE Bug 1251257",
"url": "https://bugzilla.suse.com/1251257"
},
{
"category": "self",
"summary": "SUSE Bug 1251258",
"url": "https://bugzilla.suse.com/1251258"
},
{
"category": "self",
"summary": "SUSE Bug 1251259",
"url": "https://bugzilla.suse.com/1251259"
},
{
"category": "self",
"summary": "SUSE Bug 1251260",
"url": "https://bugzilla.suse.com/1251260"
},
{
"category": "self",
"summary": "SUSE Bug 1251261",
"url": "https://bugzilla.suse.com/1251261"
},
{
"category": "self",
"summary": "SUSE Bug 1251262",
"url": "https://bugzilla.suse.com/1251262"
},
{
"category": "self",
"summary": "SUSE Bug 1254227",
"url": "https://bugzilla.suse.com/1254227"
},
{
"category": "self",
"summary": "SUSE Bug 1254430",
"url": "https://bugzilla.suse.com/1254430"
},
{
"category": "self",
"summary": "SUSE Bug 1254431",
"url": "https://bugzilla.suse.com/1254431"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47910 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58183 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58185 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58186 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58187 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58188 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58189 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61723 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61724 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61729/"
}
],
"title": "Security update for go1.25",
"tracking": {
"current_release_date": "2025-12-12T07:24:50Z",
"generator": {
"date": "2025-12-12T07:24:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:21192-1",
"initial_release_date": "2025-12-12T07:24:50Z",
"revision_history": [
{
"date": "2025-12-12T07:24:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-160000.1.1.aarch64",
"product": {
"name": "go1.25-1.25.5-160000.1.1.aarch64",
"product_id": "go1.25-1.25.5-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-160000.1.1.aarch64",
"product": {
"name": "go1.25-doc-1.25.5-160000.1.1.aarch64",
"product_id": "go1.25-doc-1.25.5-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.5-160000.1.1.aarch64",
"product": {
"name": "go1.25-libstd-1.25.5-160000.1.1.aarch64",
"product_id": "go1.25-libstd-1.25.5-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.5-160000.1.1.aarch64",
"product": {
"name": "go1.25-race-1.25.5-160000.1.1.aarch64",
"product_id": "go1.25-race-1.25.5-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-160000.1.1.ppc64le",
"product": {
"name": "go1.25-1.25.5-160000.1.1.ppc64le",
"product_id": "go1.25-1.25.5-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-160000.1.1.ppc64le",
"product": {
"name": "go1.25-doc-1.25.5-160000.1.1.ppc64le",
"product_id": "go1.25-doc-1.25.5-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.5-160000.1.1.ppc64le",
"product": {
"name": "go1.25-race-1.25.5-160000.1.1.ppc64le",
"product_id": "go1.25-race-1.25.5-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-160000.1.1.s390x",
"product": {
"name": "go1.25-1.25.5-160000.1.1.s390x",
"product_id": "go1.25-1.25.5-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-160000.1.1.s390x",
"product": {
"name": "go1.25-doc-1.25.5-160000.1.1.s390x",
"product_id": "go1.25-doc-1.25.5-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.5-160000.1.1.s390x",
"product": {
"name": "go1.25-race-1.25.5-160000.1.1.s390x",
"product_id": "go1.25-race-1.25.5-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-160000.1.1.x86_64",
"product": {
"name": "go1.25-1.25.5-160000.1.1.x86_64",
"product_id": "go1.25-1.25.5-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-160000.1.1.x86_64",
"product": {
"name": "go1.25-doc-1.25.5-160000.1.1.x86_64",
"product_id": "go1.25-doc-1.25.5-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.5-160000.1.1.x86_64",
"product": {
"name": "go1.25-libstd-1.25.5-160000.1.1.x86_64",
"product_id": "go1.25-libstd-1.25.5-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.5-160000.1.1.x86_64",
"product": {
"name": "go1.25-race-1.25.5-160000.1.1.x86_64",
"product_id": "go1.25-race-1.25.5-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64"
},
"product_reference": "go1.25-1.25.5-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le"
},
"product_reference": "go1.25-1.25.5-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x"
},
"product_reference": "go1.25-1.25.5-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64"
},
"product_reference": "go1.25-1.25.5-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.5-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x"
},
"product_reference": "go1.25-doc-1.25.5-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.5-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64"
},
"product_reference": "go1.25-libstd-1.25.5-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.5-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64"
},
"product_reference": "go1.25-libstd-1.25.5-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.5-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x"
},
"product_reference": "go1.25-race-1.25.5-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64"
},
"product_reference": "go1.25-1.25.5-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le"
},
"product_reference": "go1.25-1.25.5-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x"
},
"product_reference": "go1.25-1.25.5-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64"
},
"product_reference": "go1.25-1.25.5-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.5-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x"
},
"product_reference": "go1.25-doc-1.25.5-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.5-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64"
},
"product_reference": "go1.25-libstd-1.25.5-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.5-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64"
},
"product_reference": "go1.25-libstd-1.25.5-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.5-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x"
},
"product_reference": "go1.25-race-1.25.5-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47910"
}
],
"notes": [
{
"category": "general",
"text": "When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47910",
"url": "https://www.suse.com/security/cve/CVE-2025-47910"
},
{
"category": "external",
"summary": "SUSE Bug 1249141 for CVE-2025-47910",
"url": "https://bugzilla.suse.com/1249141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-47910"
},
{
"cve": "CVE-2025-47912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47912"
}
],
"notes": [
{
"category": "general",
"text": "The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: \"http://[::1]/\". IPv4 addresses and hostnames must not appear within square brackets. Parse did not enforce this requirement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47912",
"url": "https://www.suse.com/security/cve/CVE-2025-47912"
},
{
"category": "external",
"summary": "SUSE Bug 1251257 for CVE-2025-47912",
"url": "https://bugzilla.suse.com/1251257"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "important"
}
],
"title": "CVE-2025-47912"
},
{
"cve": "CVE-2025-58183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58183"
}
],
"notes": [
{
"category": "general",
"text": "tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58183",
"url": "https://www.suse.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "SUSE Bug 1251261 for CVE-2025-58183",
"url": "https://bugzilla.suse.com/1251261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-58183"
},
{
"cve": "CVE-2025-58185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58185"
}
],
"notes": [
{
"category": "general",
"text": "Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58185",
"url": "https://www.suse.com/security/cve/CVE-2025-58185"
},
{
"category": "external",
"summary": "SUSE Bug 1251258 for CVE-2025-58185",
"url": "https://bugzilla.suse.com/1251258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-58185"
},
{
"cve": "CVE-2025-58186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58186"
}
],
"notes": [
{
"category": "general",
"text": "Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as \"a=;\", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58186",
"url": "https://www.suse.com/security/cve/CVE-2025-58186"
},
{
"category": "external",
"summary": "SUSE Bug 1251259 for CVE-2025-58186",
"url": "https://bugzilla.suse.com/1251259"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-58186"
},
{
"cve": "CVE-2025-58187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58187"
}
],
"notes": [
{
"category": "general",
"text": "Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58187",
"url": "https://www.suse.com/security/cve/CVE-2025-58187"
},
{
"category": "external",
"summary": "SUSE Bug 1251254 for CVE-2025-58187",
"url": "https://bugzilla.suse.com/1251254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-58187"
},
{
"cve": "CVE-2025-58188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58188"
}
],
"notes": [
{
"category": "general",
"text": "Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58188",
"url": "https://www.suse.com/security/cve/CVE-2025-58188"
},
{
"category": "external",
"summary": "SUSE Bug 1251260 for CVE-2025-58188",
"url": "https://bugzilla.suse.com/1251260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "important"
}
],
"title": "CVE-2025-58188"
},
{
"cve": "CVE-2025-58189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58189"
}
],
"notes": [
{
"category": "general",
"text": "When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58189",
"url": "https://www.suse.com/security/cve/CVE-2025-58189"
},
{
"category": "external",
"summary": "SUSE Bug 1251255 for CVE-2025-58189",
"url": "https://bugzilla.suse.com/1251255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-58189"
},
{
"cve": "CVE-2025-61723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61723"
}
],
"notes": [
{
"category": "general",
"text": "The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61723",
"url": "https://www.suse.com/security/cve/CVE-2025-61723"
},
{
"category": "external",
"summary": "SUSE Bug 1251256 for CVE-2025-61723",
"url": "https://bugzilla.suse.com/1251256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-61723"
},
{
"cve": "CVE-2025-61724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61724"
}
],
"notes": [
{
"category": "general",
"text": "The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61724",
"url": "https://www.suse.com/security/cve/CVE-2025-61724"
},
{
"category": "external",
"summary": "SUSE Bug 1251262 for CVE-2025-61724",
"url": "https://bugzilla.suse.com/1251262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-61724"
},
{
"cve": "CVE-2025-61725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61725"
}
],
"notes": [
{
"category": "general",
"text": "The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61725",
"url": "https://www.suse.com/security/cve/CVE-2025-61725"
},
{
"category": "external",
"summary": "SUSE Bug 1251253 for CVE-2025-61725",
"url": "https://bugzilla.suse.com/1251253"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "moderate"
}
],
"title": "CVE-2025-61725"
},
{
"cve": "CVE-2025-61727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61727"
}
],
"notes": [
{
"category": "general",
"text": "An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN *.example.com.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61727",
"url": "https://www.suse.com/security/cve/CVE-2025-61727"
},
{
"category": "external",
"summary": "SUSE Bug 1254430 for CVE-2025-61727",
"url": "https://bugzilla.suse.com/1254430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "important"
}
],
"title": "CVE-2025-61727"
},
{
"cve": "CVE-2025-61729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61729"
}
],
"notes": [
{
"category": "general",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61729",
"url": "https://www.suse.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "SUSE Bug 1254431 for CVE-2025-61729",
"url": "https://bugzilla.suse.com/1254431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.25-race-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-doc-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-libstd-1.25.5-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.25-race-1.25.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:24:50Z",
"details": "important"
}
],
"title": "CVE-2025-61729"
}
]
}
SUSE-SU-2025:4336-1
Vulnerability from csaf_suse - Published: 2025-12-09 23:50 - Updated: 2025-12-09 23:50Summary
Security update for go1.25
Notes
Title of the patch
Security update for go1.25
Description of the patch
This update for go1.25 fixes the following issues:
go1.25.5 (released 2025-12-02) includes two security fixes to the
crypto/x509 package, as well as bug fixes to the mime and os
packages.
(bsc#1244485)
CVE-2025-61729 CVE-2025-61727:
* go#76461 go#76445 bsc#1254431 security: fix CVE-2025-61729 crypto/x509: excessive resource consumption in printing error string for host certificate validation
* go#76464 go#76442 bsc#1254430 security: fix CVE-2025-61727 crypto/x509: excluded subdomain constraint doesn't preclude wildcard SAN
* go#76245 mime: FormatMediaType and ParseMediaType not compatible across 1.24 to 1.25
* go#76360 os: on windows RemoveAll removing directories containing read-only files errors with unlinkat ... Access is denied, ReOpenFile error handling followup
- Packaging: Migrate from update-alternatives to libalternatives (bsc#1245878)
* This is an optional migration controlled via prjconf definition
with_libalternatives
* If with_libalternatives is not defined packaging continues to
use update-alternatives
go1.25.4 (released 2025-11-05) includes fixes to the compiler,
the runtime, and the crypto/subtle, encoding/pem, net/url, and os
packages. (bsc#1244485)
* go#75480 cmd/link: linker panic and relocation errors with complex generics inlining
* go#75775 runtime: build fails when run via QEMU for linux/amd64 running on linux/arm64
* go#75790 crypto/internal/fips140/subtle: Go 1.25 subtle.xorBytes panic on MIPS
* go#75832 net/url: ipv4 mapped ipv6 addresses should be valid in square brackets
* go#75952 encoding/pem: regression when decoding blocks with leading garbage
* go#75989 os: on windows RemoveAll removing directories containing read-only files errors with unlinkat ... Access is denied
* go#76010 cmd/compile: any(func(){})==any(func(){}) does not panic but should
* go#76029 pem/encoding: malformed line endings can cause panics
Patchnames
SUSE-2025-4336,SUSE-SLE-Module-Development-Tools-15-SP6-2025-4336,SUSE-SLE-Module-Development-Tools-15-SP7-2025-4336,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4336,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4336,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4336,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4336,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4336,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4336,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4336,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4336,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4336,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4336,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4336,SUSE-Storage-7.1-2025-4336,openSUSE-SLE-15.6-2025-4336
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.25",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.25 fixes the following issues:\n\ngo1.25.5 (released 2025-12-02) includes two security fixes to the\ncrypto/x509 package, as well as bug fixes to the mime and os\npackages.\n(bsc#1244485)\n\n CVE-2025-61729 CVE-2025-61727:\n\n * go#76461 go#76445 bsc#1254431 security: fix CVE-2025-61729 crypto/x509: excessive resource consumption in printing error string for host certificate validation\n * go#76464 go#76442 bsc#1254430 security: fix CVE-2025-61727 crypto/x509: excluded subdomain constraint doesn\u0027t preclude wildcard SAN\n * go#76245 mime: FormatMediaType and ParseMediaType not compatible across 1.24 to 1.25\n * go#76360 os: on windows RemoveAll removing directories containing read-only files errors with unlinkat ... Access is denied, ReOpenFile error handling followup\n\n- Packaging: Migrate from update-alternatives to libalternatives (bsc#1245878)\n\n * This is an optional migration controlled via prjconf definition\n with_libalternatives\n * If with_libalternatives is not defined packaging continues to\n use update-alternatives\n\ngo1.25.4 (released 2025-11-05) includes fixes to the compiler,\nthe runtime, and the crypto/subtle, encoding/pem, net/url, and os\npackages. (bsc#1244485)\n\n * go#75480 cmd/link: linker panic and relocation errors with complex generics inlining\n * go#75775 runtime: build fails when run via QEMU for linux/amd64 running on linux/arm64\n * go#75790 crypto/internal/fips140/subtle: Go 1.25 subtle.xorBytes panic on MIPS\n * go#75832 net/url: ipv4 mapped ipv6 addresses should be valid in square brackets\n * go#75952 encoding/pem: regression when decoding blocks with leading garbage\n * go#75989 os: on windows RemoveAll removing directories containing read-only files errors with unlinkat ... Access is denied\n * go#76010 cmd/compile: any(func(){})==any(func(){}) does not panic but should\n * go#76029 pem/encoding: malformed line endings can cause panics\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4336,SUSE-SLE-Module-Development-Tools-15-SP6-2025-4336,SUSE-SLE-Module-Development-Tools-15-SP7-2025-4336,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4336,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4336,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4336,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4336,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4336,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4336,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4336,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4336,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4336,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4336,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4336,SUSE-Storage-7.1-2025-4336,openSUSE-SLE-15.6-2025-4336",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4336-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4336-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254336-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4336-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023493.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244485",
"url": "https://bugzilla.suse.com/1244485"
},
{
"category": "self",
"summary": "SUSE Bug 1245878",
"url": "https://bugzilla.suse.com/1245878"
},
{
"category": "self",
"summary": "SUSE Bug 1254227",
"url": "https://bugzilla.suse.com/1254227"
},
{
"category": "self",
"summary": "SUSE Bug 1254430",
"url": "https://bugzilla.suse.com/1254430"
},
{
"category": "self",
"summary": "SUSE Bug 1254431",
"url": "https://bugzilla.suse.com/1254431"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61729/"
}
],
"title": "Security update for go1.25",
"tracking": {
"current_release_date": "2025-12-09T23:50:12Z",
"generator": {
"date": "2025-12-09T23:50:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4336-1",
"initial_release_date": "2025-12-09T23:50:12Z",
"revision_history": [
{
"date": "2025-12-09T23:50:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-150000.1.23.1.aarch64",
"product": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64",
"product_id": "go1.25-1.25.5-150000.1.23.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"product": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"product_id": "go1.25-doc-1.25.5-150000.1.23.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"product": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"product_id": "go1.25-race-1.25.5-150000.1.23.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-150000.1.23.1.i586",
"product": {
"name": "go1.25-1.25.5-150000.1.23.1.i586",
"product_id": "go1.25-1.25.5-150000.1.23.1.i586"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-150000.1.23.1.i586",
"product": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.i586",
"product_id": "go1.25-doc-1.25.5-150000.1.23.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-150000.1.23.1.ppc64le",
"product": {
"name": "go1.25-1.25.5-150000.1.23.1.ppc64le",
"product_id": "go1.25-1.25.5-150000.1.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"product": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"product_id": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"product": {
"name": "go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"product_id": "go1.25-race-1.25.5-150000.1.23.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-150000.1.23.1.s390x",
"product": {
"name": "go1.25-1.25.5-150000.1.23.1.s390x",
"product_id": "go1.25-1.25.5-150000.1.23.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-150000.1.23.1.s390x",
"product": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.s390x",
"product_id": "go1.25-doc-1.25.5-150000.1.23.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.5-150000.1.23.1.s390x",
"product": {
"name": "go1.25-race-1.25.5-150000.1.23.1.s390x",
"product_id": "go1.25-race-1.25.5-150000.1.23.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-150000.1.23.1.x86_64",
"product": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64",
"product_id": "go1.25-1.25.5-150000.1.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"product": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"product_id": "go1.25-doc-1.25.5-150000.1.23.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"product": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"product_id": "go1.25-race-1.25.5-150000.1.23.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-150000.1.23.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-150000.1.23.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.s390x"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-150000.1.23.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-150000.1.23.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61727"
}
],
"notes": [
{
"category": "general",
"text": "An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN *.example.com.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61727",
"url": "https://www.suse.com/security/cve/CVE-2025-61727"
},
{
"category": "external",
"summary": "SUSE Bug 1254430 for CVE-2025-61727",
"url": "https://bugzilla.suse.com/1254430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-09T23:50:12Z",
"details": "important"
}
],
"title": "CVE-2025-61727"
},
{
"cve": "CVE-2025-61729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61729"
}
],
"notes": [
{
"category": "general",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61729",
"url": "https://www.suse.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "SUSE Bug 1254431 for CVE-2025-61729",
"url": "https://bugzilla.suse.com/1254431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.5-150000.1.23.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.5-150000.1.23.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-09T23:50:12Z",
"details": "important"
}
],
"title": "CVE-2025-61729"
}
]
}
SUSE-SU-2025:4337-1
Vulnerability from csaf_suse - Published: 2025-12-09 23:51 - Updated: 2025-12-09 23:51Summary
Security update for go1.24
Notes
Title of the patch
Security update for go1.24
Description of the patch
This update for go1.24 fixes the following issues:
go1.24.11 (released 2025-12-02) includes two security fixes to
the crypto/x509 package, as well as bug fixes to the runtime. (bsc#1236217)
CVE-2025-61727 CVE-2025-61729:
* go#76460 go#76445 bsc#1254431 security: fix CVE-2025-61729 crypto/x509: excessive resource consumption in printing error string for host certificate validation
* go#76463 go#76442 bsc#1254430 security: fix CVE-2025-61727 crypto/x509: excluded subdomain constraint doesn't preclude wildcard SAN
* go#76378 internal/cpu: incorrect CPU features bit parsing on loong64 cause illegal instruction core dumps on LA364 cores
- Packaging: Migrate from update-alternatives to libalternatives (bsc#1245878)
* This is an optional migration controlled via prjconf definition
with_libalternatives
* If with_libalternatives is not defined packaging continues to
use update-alternatives
Patchnames
SUSE-2025-4337,SUSE-SLE-Module-Development-Tools-15-SP6-2025-4337,SUSE-SLE-Module-Development-Tools-15-SP7-2025-4337,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4337,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4337,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4337,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4337,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4337,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4337,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4337,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4337,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4337,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4337,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4337,SUSE-Storage-7.1-2025-4337,openSUSE-SLE-15.6-2025-4337
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.24",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.24 fixes the following issues:\n\ngo1.24.11 (released 2025-12-02) includes two security fixes to\nthe crypto/x509 package, as well as bug fixes to the runtime. (bsc#1236217)\n\nCVE-2025-61727 CVE-2025-61729:\n\n * go#76460 go#76445 bsc#1254431 security: fix CVE-2025-61729 crypto/x509: excessive resource consumption in printing error string for host certificate validation\n * go#76463 go#76442 bsc#1254430 security: fix CVE-2025-61727 crypto/x509: excluded subdomain constraint doesn\u0027t preclude wildcard SAN\n\n * go#76378 internal/cpu: incorrect CPU features bit parsing on loong64 cause illegal instruction core dumps on LA364 cores\n\n- Packaging: Migrate from update-alternatives to libalternatives (bsc#1245878)\n * This is an optional migration controlled via prjconf definition\n with_libalternatives\n * If with_libalternatives is not defined packaging continues to\n use update-alternatives\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4337,SUSE-SLE-Module-Development-Tools-15-SP6-2025-4337,SUSE-SLE-Module-Development-Tools-15-SP7-2025-4337,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4337,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4337,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4337,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4337,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4337,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4337,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4337,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4337,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4337,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4337,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4337,SUSE-Storage-7.1-2025-4337,openSUSE-SLE-15.6-2025-4337",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4337-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4337-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254337-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4337-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023492.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236217",
"url": "https://bugzilla.suse.com/1236217"
},
{
"category": "self",
"summary": "SUSE Bug 1245878",
"url": "https://bugzilla.suse.com/1245878"
},
{
"category": "self",
"summary": "SUSE Bug 1254430",
"url": "https://bugzilla.suse.com/1254430"
},
{
"category": "self",
"summary": "SUSE Bug 1254431",
"url": "https://bugzilla.suse.com/1254431"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61729/"
}
],
"title": "Security update for go1.24",
"tracking": {
"current_release_date": "2025-12-09T23:51:31Z",
"generator": {
"date": "2025-12-09T23:51:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4337-1",
"initial_release_date": "2025-12-09T23:51:31Z",
"revision_history": [
{
"date": "2025-12-09T23:51:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-150000.1.50.1.aarch64",
"product": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64",
"product_id": "go1.24-1.24.11-150000.1.50.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"product": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"product_id": "go1.24-doc-1.24.11-150000.1.50.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"product": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"product_id": "go1.24-race-1.24.11-150000.1.50.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-150000.1.50.1.i586",
"product": {
"name": "go1.24-1.24.11-150000.1.50.1.i586",
"product_id": "go1.24-1.24.11-150000.1.50.1.i586"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-150000.1.50.1.i586",
"product": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.i586",
"product_id": "go1.24-doc-1.24.11-150000.1.50.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-150000.1.50.1.ppc64le",
"product": {
"name": "go1.24-1.24.11-150000.1.50.1.ppc64le",
"product_id": "go1.24-1.24.11-150000.1.50.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"product": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"product_id": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"product": {
"name": "go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"product_id": "go1.24-race-1.24.11-150000.1.50.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-150000.1.50.1.s390x",
"product": {
"name": "go1.24-1.24.11-150000.1.50.1.s390x",
"product_id": "go1.24-1.24.11-150000.1.50.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-150000.1.50.1.s390x",
"product": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.s390x",
"product_id": "go1.24-doc-1.24.11-150000.1.50.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.11-150000.1.50.1.s390x",
"product": {
"name": "go1.24-race-1.24.11-150000.1.50.1.s390x",
"product_id": "go1.24-race-1.24.11-150000.1.50.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-150000.1.50.1.x86_64",
"product": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64",
"product_id": "go1.24-1.24.11-150000.1.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"product": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"product_id": "go1.24-doc-1.24.11-150000.1.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"product": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"product_id": "go1.24-race-1.24.11-150000.1.50.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-150000.1.50.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-150000.1.50.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.s390x"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-150000.1.50.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-150000.1.50.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61727"
}
],
"notes": [
{
"category": "general",
"text": "An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN *.example.com.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61727",
"url": "https://www.suse.com/security/cve/CVE-2025-61727"
},
{
"category": "external",
"summary": "SUSE Bug 1254430 for CVE-2025-61727",
"url": "https://bugzilla.suse.com/1254430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-09T23:51:31Z",
"details": "important"
}
],
"title": "CVE-2025-61727"
},
{
"cve": "CVE-2025-61729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61729"
}
],
"notes": [
{
"category": "general",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61729",
"url": "https://www.suse.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "SUSE Bug 1254431 for CVE-2025-61729",
"url": "https://bugzilla.suse.com/1254431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.24-race-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-doc-1.24.11-150000.1.50.1.x86_64",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.aarch64",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.ppc64le",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.s390x",
"openSUSE Leap 15.6:go1.24-race-1.24.11-150000.1.50.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-09T23:51:31Z",
"details": "important"
}
],
"title": "CVE-2025-61729"
}
]
}
SUSE-SU-2025:21193-1
Vulnerability from csaf_suse - Published: 2025-12-12 07:45 - Updated: 2025-12-12 07:45Summary
Security update for go1.24
Notes
Title of the patch
Security update for go1.24
Description of the patch
This update for go1.24 fixes the following issues:
Update to go1.24.11.
Security issues fixed:
- CVE-2025-47912: net/url: insufficient validation of bracketed IPv6 hostnames (bsc#1251257).
- CVE-2025-58183: archive/tar: unbounded allocation when parsing GNU sparse map (bsc#1251261).
- CVE-2025-58185: encoding/asn1: pre-allocating memory when parsing DER payload can cause memory exhaustion
(bsc#1251258).
- CVE-2025-58186: net/http: lack of limit when parsing cookies can cause memory exhaustion (bsc#1251259).
- CVE-2025-58187: crypto/x509: quadratic complexity when checking name constraints (bsc#1251254).
- CVE-2025-58188: crypto/x509: panic when validating certificates with DSA public keys (bsc#1251260).
- CVE-2025-58189: crypto/tls: ALPN negotiation error contains attacker controlled information (bsc#1251255).
- CVE-2025-61723: encoding/pem: quadratic complexity when parsing some invalid inputs (bsc#1251256).
- CVE-2025-61724: net/textproto: excessive CPU consumption in Reader.ReadResponse (bsc#1251262).
- CVE-2025-61725: net/mail: excessive CPU consumption in ParseAddress (bsc#1251253).
- CVE-2025-61727: crypto/x509: excluded subdomain constraint doesn't preclude wildcard SAN (bsc#1254430).
- CVE-2025-61729: crypto/x509: excessive resource consumption in printing error string for host certificate validation
(bsc#1254431).
Other issues fixed and changes:
- Version 1.24.11:
* go#76378 internal/cpu: incorrect CPU features bit parsing on loong64 cause illegal instruction core dumps on LA364
cores
- Version 1.24.10:
* go#75831 net/url: ipv4 mapped ipv6 addresses should be valid in square brackets
* go#75951 encoding/pem: regression when decoding blocks with leading garbage
* go#76028 pem/encoding: malformed line endings can cause panics
- Version 1.24.9:
* go#75860 crypto/x509: TLS validation fails for FQDNs with trailing dot
- Version 1.24.8:
* go#75138 os: Root.OpenRoot sets incorrect name, losing prefix of original root
* go#75220 debug/pe: pe.Open fails on object files produced by llvm-mingw 21
* go#75351 cmd/link: panic on riscv64 with CGO enabled due to empty container symbol
* go#75356 net: new test TestIPv4WriteMsgUDPAddrPortTargetAddrIPVersion fails on plan9
* go#75359 os: new test TestOpenFileCreateExclDanglingSymlink fails on Plan 9
* go#75523 crypto/internal/fips140/rsa: requires a panic if self-tests fail
* go#75538 net/http: internal error: connCount underflow
* go#75594 cmd/compile: internal compiler error with GOEXPERIMENT=cgocheck2 on github.com/leodido/go-urn
* go#75609 sync/atomic: comment for Uintptr.Or incorrectly describes return value
- Version 1.24.7:
* go#75007 os/exec: TestLookPath fails on plan9 after CL 685755
* go#74821 cmd/go: "get toolchain@latest" should ignore release candidates
* go#74818 net: WriteMsgUDPAddrPort should accept IPv4-mapped IPv6 destination addresses on IPv4 UDP sockets
- Packaging: migrate from update-alternatives to libalternatives (bsc#1245878).
- Package svgpan.js to fix issues with "go tool pprof" (bsc#1249985).
- Drop unused gccgo bootstrap code in go1.22+ (bsc#1248082).
Patchnames
SUSE-SLES-16.0-103
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.24",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.24 fixes the following issues:\n\nUpdate to go1.24.11.\n\nSecurity issues fixed:\n\n- CVE-2025-47912: net/url: insufficient validation of bracketed IPv6 hostnames (bsc#1251257).\n- CVE-2025-58183: archive/tar: unbounded allocation when parsing GNU sparse map (bsc#1251261).\n- CVE-2025-58185: encoding/asn1: pre-allocating memory when parsing DER payload can cause memory exhaustion\n (bsc#1251258).\n- CVE-2025-58186: net/http: lack of limit when parsing cookies can cause memory exhaustion (bsc#1251259).\n- CVE-2025-58187: crypto/x509: quadratic complexity when checking name constraints (bsc#1251254).\n- CVE-2025-58188: crypto/x509: panic when validating certificates with DSA public keys (bsc#1251260).\n- CVE-2025-58189: crypto/tls: ALPN negotiation error contains attacker controlled information (bsc#1251255).\n- CVE-2025-61723: encoding/pem: quadratic complexity when parsing some invalid inputs (bsc#1251256).\n- CVE-2025-61724: net/textproto: excessive CPU consumption in Reader.ReadResponse (bsc#1251262).\n- CVE-2025-61725: net/mail: excessive CPU consumption in ParseAddress (bsc#1251253).\n- CVE-2025-61727: crypto/x509: excluded subdomain constraint doesn\u0027t preclude wildcard SAN (bsc#1254430).\n- CVE-2025-61729: crypto/x509: excessive resource consumption in printing error string for host certificate validation\n (bsc#1254431).\n\n\nOther issues fixed and changes:\n\n- Version 1.24.11:\n * go#76378 internal/cpu: incorrect CPU features bit parsing on loong64 cause illegal instruction core dumps on LA364\n cores\n\n- Version 1.24.10:\n * go#75831 net/url: ipv4 mapped ipv6 addresses should be valid in square brackets\n * go#75951 encoding/pem: regression when decoding blocks with leading garbage\n * go#76028 pem/encoding: malformed line endings can cause panics\n\n- Version 1.24.9:\n * go#75860 crypto/x509: TLS validation fails for FQDNs with trailing dot\n\n- Version 1.24.8:\n * go#75138 os: Root.OpenRoot sets incorrect name, losing prefix of original root\n * go#75220 debug/pe: pe.Open fails on object files produced by llvm-mingw 21\n * go#75351 cmd/link: panic on riscv64 with CGO enabled due to empty container symbol\n * go#75356 net: new test TestIPv4WriteMsgUDPAddrPortTargetAddrIPVersion fails on plan9\n * go#75359 os: new test TestOpenFileCreateExclDanglingSymlink fails on Plan 9\n * go#75523 crypto/internal/fips140/rsa: requires a panic if self-tests fail\n * go#75538 net/http: internal error: connCount underflow\n * go#75594 cmd/compile: internal compiler error with GOEXPERIMENT=cgocheck2 on github.com/leodido/go-urn\n * go#75609 sync/atomic: comment for Uintptr.Or incorrectly describes return value\n\n- Version 1.24.7:\n * go#75007 os/exec: TestLookPath fails on plan9 after CL 685755\n * go#74821 cmd/go: \"get toolchain@latest\" should ignore release candidates\n * go#74818 net: WriteMsgUDPAddrPort should accept IPv4-mapped IPv6 destination addresses on IPv4 UDP sockets\n\n- Packaging: migrate from update-alternatives to libalternatives (bsc#1245878).\n- Package svgpan.js to fix issues with \"go tool pprof\" (bsc#1249985).\n- Drop unused gccgo bootstrap code in go1.22+ (bsc#1248082).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-103",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_21193-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:21193-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202521193-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:21193-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023548.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236217",
"url": "https://bugzilla.suse.com/1236217"
},
{
"category": "self",
"summary": "SUSE Bug 1245878",
"url": "https://bugzilla.suse.com/1245878"
},
{
"category": "self",
"summary": "SUSE Bug 1247816",
"url": "https://bugzilla.suse.com/1247816"
},
{
"category": "self",
"summary": "SUSE Bug 1248082",
"url": "https://bugzilla.suse.com/1248082"
},
{
"category": "self",
"summary": "SUSE Bug 1249985",
"url": "https://bugzilla.suse.com/1249985"
},
{
"category": "self",
"summary": "SUSE Bug 1251253",
"url": "https://bugzilla.suse.com/1251253"
},
{
"category": "self",
"summary": "SUSE Bug 1251254",
"url": "https://bugzilla.suse.com/1251254"
},
{
"category": "self",
"summary": "SUSE Bug 1251255",
"url": "https://bugzilla.suse.com/1251255"
},
{
"category": "self",
"summary": "SUSE Bug 1251256",
"url": "https://bugzilla.suse.com/1251256"
},
{
"category": "self",
"summary": "SUSE Bug 1251257",
"url": "https://bugzilla.suse.com/1251257"
},
{
"category": "self",
"summary": "SUSE Bug 1251258",
"url": "https://bugzilla.suse.com/1251258"
},
{
"category": "self",
"summary": "SUSE Bug 1251259",
"url": "https://bugzilla.suse.com/1251259"
},
{
"category": "self",
"summary": "SUSE Bug 1251260",
"url": "https://bugzilla.suse.com/1251260"
},
{
"category": "self",
"summary": "SUSE Bug 1251261",
"url": "https://bugzilla.suse.com/1251261"
},
{
"category": "self",
"summary": "SUSE Bug 1251262",
"url": "https://bugzilla.suse.com/1251262"
},
{
"category": "self",
"summary": "SUSE Bug 1254430",
"url": "https://bugzilla.suse.com/1254430"
},
{
"category": "self",
"summary": "SUSE Bug 1254431",
"url": "https://bugzilla.suse.com/1254431"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58183 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58185 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58186 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58187 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58188 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58189 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61723 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61724 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61729/"
}
],
"title": "Security update for go1.24",
"tracking": {
"current_release_date": "2025-12-12T07:45:36Z",
"generator": {
"date": "2025-12-12T07:45:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:21193-1",
"initial_release_date": "2025-12-12T07:45:36Z",
"revision_history": [
{
"date": "2025-12-12T07:45:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-160000.1.1.aarch64",
"product": {
"name": "go1.24-1.24.11-160000.1.1.aarch64",
"product_id": "go1.24-1.24.11-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-160000.1.1.aarch64",
"product": {
"name": "go1.24-doc-1.24.11-160000.1.1.aarch64",
"product_id": "go1.24-doc-1.24.11-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.11-160000.1.1.aarch64",
"product": {
"name": "go1.24-libstd-1.24.11-160000.1.1.aarch64",
"product_id": "go1.24-libstd-1.24.11-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.11-160000.1.1.aarch64",
"product": {
"name": "go1.24-race-1.24.11-160000.1.1.aarch64",
"product_id": "go1.24-race-1.24.11-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-160000.1.1.ppc64le",
"product": {
"name": "go1.24-1.24.11-160000.1.1.ppc64le",
"product_id": "go1.24-1.24.11-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-160000.1.1.ppc64le",
"product": {
"name": "go1.24-doc-1.24.11-160000.1.1.ppc64le",
"product_id": "go1.24-doc-1.24.11-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.11-160000.1.1.ppc64le",
"product": {
"name": "go1.24-race-1.24.11-160000.1.1.ppc64le",
"product_id": "go1.24-race-1.24.11-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-160000.1.1.s390x",
"product": {
"name": "go1.24-1.24.11-160000.1.1.s390x",
"product_id": "go1.24-1.24.11-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-160000.1.1.s390x",
"product": {
"name": "go1.24-doc-1.24.11-160000.1.1.s390x",
"product_id": "go1.24-doc-1.24.11-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.11-160000.1.1.s390x",
"product": {
"name": "go1.24-race-1.24.11-160000.1.1.s390x",
"product_id": "go1.24-race-1.24.11-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-160000.1.1.x86_64",
"product": {
"name": "go1.24-1.24.11-160000.1.1.x86_64",
"product_id": "go1.24-1.24.11-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-160000.1.1.x86_64",
"product": {
"name": "go1.24-doc-1.24.11-160000.1.1.x86_64",
"product_id": "go1.24-doc-1.24.11-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.11-160000.1.1.x86_64",
"product": {
"name": "go1.24-libstd-1.24.11-160000.1.1.x86_64",
"product_id": "go1.24-libstd-1.24.11-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.11-160000.1.1.x86_64",
"product": {
"name": "go1.24-race-1.24.11-160000.1.1.x86_64",
"product_id": "go1.24-race-1.24.11-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64"
},
"product_reference": "go1.24-1.24.11-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le"
},
"product_reference": "go1.24-1.24.11-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x"
},
"product_reference": "go1.24-1.24.11-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64"
},
"product_reference": "go1.24-1.24.11-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.11-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x"
},
"product_reference": "go1.24-doc-1.24.11-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.11-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64"
},
"product_reference": "go1.24-libstd-1.24.11-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.11-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64"
},
"product_reference": "go1.24-libstd-1.24.11-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.11-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x"
},
"product_reference": "go1.24-race-1.24.11-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64"
},
"product_reference": "go1.24-1.24.11-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le"
},
"product_reference": "go1.24-1.24.11-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x"
},
"product_reference": "go1.24-1.24.11-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64"
},
"product_reference": "go1.24-1.24.11-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.11-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x"
},
"product_reference": "go1.24-doc-1.24.11-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.11-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64"
},
"product_reference": "go1.24-libstd-1.24.11-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.11-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64"
},
"product_reference": "go1.24-libstd-1.24.11-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.11-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x"
},
"product_reference": "go1.24-race-1.24.11-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47912"
}
],
"notes": [
{
"category": "general",
"text": "The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: \"http://[::1]/\". IPv4 addresses and hostnames must not appear within square brackets. Parse did not enforce this requirement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47912",
"url": "https://www.suse.com/security/cve/CVE-2025-47912"
},
{
"category": "external",
"summary": "SUSE Bug 1251257 for CVE-2025-47912",
"url": "https://bugzilla.suse.com/1251257"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:45:36Z",
"details": "important"
}
],
"title": "CVE-2025-47912"
},
{
"cve": "CVE-2025-58183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58183"
}
],
"notes": [
{
"category": "general",
"text": "tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58183",
"url": "https://www.suse.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "SUSE Bug 1251261 for CVE-2025-58183",
"url": "https://bugzilla.suse.com/1251261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-58183"
},
{
"cve": "CVE-2025-58185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58185"
}
],
"notes": [
{
"category": "general",
"text": "Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58185",
"url": "https://www.suse.com/security/cve/CVE-2025-58185"
},
{
"category": "external",
"summary": "SUSE Bug 1251258 for CVE-2025-58185",
"url": "https://bugzilla.suse.com/1251258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-58185"
},
{
"cve": "CVE-2025-58186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58186"
}
],
"notes": [
{
"category": "general",
"text": "Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as \"a=;\", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58186",
"url": "https://www.suse.com/security/cve/CVE-2025-58186"
},
{
"category": "external",
"summary": "SUSE Bug 1251259 for CVE-2025-58186",
"url": "https://bugzilla.suse.com/1251259"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-58186"
},
{
"cve": "CVE-2025-58187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58187"
}
],
"notes": [
{
"category": "general",
"text": "Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58187",
"url": "https://www.suse.com/security/cve/CVE-2025-58187"
},
{
"category": "external",
"summary": "SUSE Bug 1251254 for CVE-2025-58187",
"url": "https://bugzilla.suse.com/1251254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-58187"
},
{
"cve": "CVE-2025-58188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58188"
}
],
"notes": [
{
"category": "general",
"text": "Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58188",
"url": "https://www.suse.com/security/cve/CVE-2025-58188"
},
{
"category": "external",
"summary": "SUSE Bug 1251260 for CVE-2025-58188",
"url": "https://bugzilla.suse.com/1251260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:45:36Z",
"details": "important"
}
],
"title": "CVE-2025-58188"
},
{
"cve": "CVE-2025-58189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58189"
}
],
"notes": [
{
"category": "general",
"text": "When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58189",
"url": "https://www.suse.com/security/cve/CVE-2025-58189"
},
{
"category": "external",
"summary": "SUSE Bug 1251255 for CVE-2025-58189",
"url": "https://bugzilla.suse.com/1251255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-58189"
},
{
"cve": "CVE-2025-61723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61723"
}
],
"notes": [
{
"category": "general",
"text": "The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61723",
"url": "https://www.suse.com/security/cve/CVE-2025-61723"
},
{
"category": "external",
"summary": "SUSE Bug 1251256 for CVE-2025-61723",
"url": "https://bugzilla.suse.com/1251256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-61723"
},
{
"cve": "CVE-2025-61724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61724"
}
],
"notes": [
{
"category": "general",
"text": "The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61724",
"url": "https://www.suse.com/security/cve/CVE-2025-61724"
},
{
"category": "external",
"summary": "SUSE Bug 1251262 for CVE-2025-61724",
"url": "https://bugzilla.suse.com/1251262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-61724"
},
{
"cve": "CVE-2025-61725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61725"
}
],
"notes": [
{
"category": "general",
"text": "The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61725",
"url": "https://www.suse.com/security/cve/CVE-2025-61725"
},
{
"category": "external",
"summary": "SUSE Bug 1251253 for CVE-2025-61725",
"url": "https://bugzilla.suse.com/1251253"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-61725"
},
{
"cve": "CVE-2025-61727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61727"
}
],
"notes": [
{
"category": "general",
"text": "An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN *.example.com.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61727",
"url": "https://www.suse.com/security/cve/CVE-2025-61727"
},
{
"category": "external",
"summary": "SUSE Bug 1254430 for CVE-2025-61727",
"url": "https://bugzilla.suse.com/1254430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:45:36Z",
"details": "important"
}
],
"title": "CVE-2025-61727"
},
{
"cve": "CVE-2025-61729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61729"
}
],
"notes": [
{
"category": "general",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61729",
"url": "https://www.suse.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "SUSE Bug 1254431 for CVE-2025-61729",
"url": "https://bugzilla.suse.com/1254431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:go1.24-race-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-doc-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-libstd-1.24.11-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:go1.24-race-1.24.11-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T07:45:36Z",
"details": "important"
}
],
"title": "CVE-2025-61729"
}
]
}
OPENSUSE-SU-2025:15796-1
Vulnerability from csaf_opensuse - Published: 2025-12-04 00:00 - Updated: 2025-12-04 00:00Summary
go1.24-1.24.11-1.1 on GA media
Notes
Title of the patch
go1.24-1.24.11-1.1 on GA media
Description of the patch
These are all security issues fixed in the go1.24-1.24.11-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15796
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.24-1.24.11-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.24-1.24.11-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15796",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15796-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61729/"
}
],
"title": "go1.24-1.24.11-1.1 on GA media",
"tracking": {
"current_release_date": "2025-12-04T00:00:00Z",
"generator": {
"date": "2025-12-04T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15796-1",
"initial_release_date": "2025-12-04T00:00:00Z",
"revision_history": [
{
"date": "2025-12-04T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-1.1.aarch64",
"product": {
"name": "go1.24-1.24.11-1.1.aarch64",
"product_id": "go1.24-1.24.11-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-1.1.aarch64",
"product": {
"name": "go1.24-doc-1.24.11-1.1.aarch64",
"product_id": "go1.24-doc-1.24.11-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.11-1.1.aarch64",
"product": {
"name": "go1.24-libstd-1.24.11-1.1.aarch64",
"product_id": "go1.24-libstd-1.24.11-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.11-1.1.aarch64",
"product": {
"name": "go1.24-race-1.24.11-1.1.aarch64",
"product_id": "go1.24-race-1.24.11-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-1.1.ppc64le",
"product": {
"name": "go1.24-1.24.11-1.1.ppc64le",
"product_id": "go1.24-1.24.11-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-1.1.ppc64le",
"product": {
"name": "go1.24-doc-1.24.11-1.1.ppc64le",
"product_id": "go1.24-doc-1.24.11-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.11-1.1.ppc64le",
"product": {
"name": "go1.24-libstd-1.24.11-1.1.ppc64le",
"product_id": "go1.24-libstd-1.24.11-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.11-1.1.ppc64le",
"product": {
"name": "go1.24-race-1.24.11-1.1.ppc64le",
"product_id": "go1.24-race-1.24.11-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-1.1.s390x",
"product": {
"name": "go1.24-1.24.11-1.1.s390x",
"product_id": "go1.24-1.24.11-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-1.1.s390x",
"product": {
"name": "go1.24-doc-1.24.11-1.1.s390x",
"product_id": "go1.24-doc-1.24.11-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.11-1.1.s390x",
"product": {
"name": "go1.24-libstd-1.24.11-1.1.s390x",
"product_id": "go1.24-libstd-1.24.11-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.11-1.1.s390x",
"product": {
"name": "go1.24-race-1.24.11-1.1.s390x",
"product_id": "go1.24-race-1.24.11-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.24-1.24.11-1.1.x86_64",
"product": {
"name": "go1.24-1.24.11-1.1.x86_64",
"product_id": "go1.24-1.24.11-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-doc-1.24.11-1.1.x86_64",
"product": {
"name": "go1.24-doc-1.24.11-1.1.x86_64",
"product_id": "go1.24-doc-1.24.11-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-libstd-1.24.11-1.1.x86_64",
"product": {
"name": "go1.24-libstd-1.24.11-1.1.x86_64",
"product_id": "go1.24-libstd-1.24.11-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.24-race-1.24.11-1.1.x86_64",
"product": {
"name": "go1.24-race-1.24.11-1.1.x86_64",
"product_id": "go1.24-race-1.24.11-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-1.24.11-1.1.aarch64"
},
"product_reference": "go1.24-1.24.11-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-1.24.11-1.1.ppc64le"
},
"product_reference": "go1.24-1.24.11-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-1.24.11-1.1.s390x"
},
"product_reference": "go1.24-1.24.11-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-1.24.11-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-1.24.11-1.1.x86_64"
},
"product_reference": "go1.24-1.24.11-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.aarch64"
},
"product_reference": "go1.24-doc-1.24.11-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.ppc64le"
},
"product_reference": "go1.24-doc-1.24.11-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.s390x"
},
"product_reference": "go1.24-doc-1.24.11-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-doc-1.24.11-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.x86_64"
},
"product_reference": "go1.24-doc-1.24.11-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.11-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.aarch64"
},
"product_reference": "go1.24-libstd-1.24.11-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.11-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.ppc64le"
},
"product_reference": "go1.24-libstd-1.24.11-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.11-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.s390x"
},
"product_reference": "go1.24-libstd-1.24.11-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-libstd-1.24.11-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.x86_64"
},
"product_reference": "go1.24-libstd-1.24.11-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.aarch64"
},
"product_reference": "go1.24-race-1.24.11-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.ppc64le"
},
"product_reference": "go1.24-race-1.24.11-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.s390x"
},
"product_reference": "go1.24-race-1.24.11-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.24-race-1.24.11-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.x86_64"
},
"product_reference": "go1.24-race-1.24.11-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61727"
}
],
"notes": [
{
"category": "general",
"text": "An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN *.example.com.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61727",
"url": "https://www.suse.com/security/cve/CVE-2025-61727"
},
{
"category": "external",
"summary": "SUSE Bug 1254430 for CVE-2025-61727",
"url": "https://bugzilla.suse.com/1254430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-61727"
},
{
"cve": "CVE-2025-61729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61729"
}
],
"notes": [
{
"category": "general",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61729",
"url": "https://www.suse.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "SUSE Bug 1254431 for CVE-2025-61729",
"url": "https://bugzilla.suse.com/1254431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-doc-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-libstd-1.24.11-1.1.x86_64",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.aarch64",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.ppc64le",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.s390x",
"openSUSE Tumbleweed:go1.24-race-1.24.11-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-61729"
}
]
}
OPENSUSE-SU-2025:15817-1
Vulnerability from csaf_opensuse - Published: 2025-12-12 00:00 - Updated: 2025-12-12 00:00Summary
buildpacks-cli-0.39.1-1.1 on GA media
Notes
Title of the patch
buildpacks-cli-0.39.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the buildpacks-cli-0.39.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15817
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "buildpacks-cli-0.39.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the buildpacks-cli-0.39.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15817",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15817-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61729/"
}
],
"title": "buildpacks-cli-0.39.1-1.1 on GA media",
"tracking": {
"current_release_date": "2025-12-12T00:00:00Z",
"generator": {
"date": "2025-12-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15817-1",
"initial_release_date": "2025-12-12T00:00:00Z",
"revision_history": [
{
"date": "2025-12-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "buildpacks-cli-0.39.1-1.1.aarch64",
"product": {
"name": "buildpacks-cli-0.39.1-1.1.aarch64",
"product_id": "buildpacks-cli-0.39.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "buildpacks-cli-bash-completion-0.39.1-1.1.aarch64",
"product": {
"name": "buildpacks-cli-bash-completion-0.39.1-1.1.aarch64",
"product_id": "buildpacks-cli-bash-completion-0.39.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "buildpacks-cli-fish-completion-0.39.1-1.1.aarch64",
"product": {
"name": "buildpacks-cli-fish-completion-0.39.1-1.1.aarch64",
"product_id": "buildpacks-cli-fish-completion-0.39.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "buildpacks-cli-zsh-completion-0.39.1-1.1.aarch64",
"product": {
"name": "buildpacks-cli-zsh-completion-0.39.1-1.1.aarch64",
"product_id": "buildpacks-cli-zsh-completion-0.39.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildpacks-cli-0.39.1-1.1.ppc64le",
"product": {
"name": "buildpacks-cli-0.39.1-1.1.ppc64le",
"product_id": "buildpacks-cli-0.39.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "buildpacks-cli-bash-completion-0.39.1-1.1.ppc64le",
"product": {
"name": "buildpacks-cli-bash-completion-0.39.1-1.1.ppc64le",
"product_id": "buildpacks-cli-bash-completion-0.39.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "buildpacks-cli-fish-completion-0.39.1-1.1.ppc64le",
"product": {
"name": "buildpacks-cli-fish-completion-0.39.1-1.1.ppc64le",
"product_id": "buildpacks-cli-fish-completion-0.39.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "buildpacks-cli-zsh-completion-0.39.1-1.1.ppc64le",
"product": {
"name": "buildpacks-cli-zsh-completion-0.39.1-1.1.ppc64le",
"product_id": "buildpacks-cli-zsh-completion-0.39.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildpacks-cli-0.39.1-1.1.s390x",
"product": {
"name": "buildpacks-cli-0.39.1-1.1.s390x",
"product_id": "buildpacks-cli-0.39.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "buildpacks-cli-bash-completion-0.39.1-1.1.s390x",
"product": {
"name": "buildpacks-cli-bash-completion-0.39.1-1.1.s390x",
"product_id": "buildpacks-cli-bash-completion-0.39.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "buildpacks-cli-fish-completion-0.39.1-1.1.s390x",
"product": {
"name": "buildpacks-cli-fish-completion-0.39.1-1.1.s390x",
"product_id": "buildpacks-cli-fish-completion-0.39.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "buildpacks-cli-zsh-completion-0.39.1-1.1.s390x",
"product": {
"name": "buildpacks-cli-zsh-completion-0.39.1-1.1.s390x",
"product_id": "buildpacks-cli-zsh-completion-0.39.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "buildpacks-cli-0.39.1-1.1.x86_64",
"product": {
"name": "buildpacks-cli-0.39.1-1.1.x86_64",
"product_id": "buildpacks-cli-0.39.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "buildpacks-cli-bash-completion-0.39.1-1.1.x86_64",
"product": {
"name": "buildpacks-cli-bash-completion-0.39.1-1.1.x86_64",
"product_id": "buildpacks-cli-bash-completion-0.39.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "buildpacks-cli-fish-completion-0.39.1-1.1.x86_64",
"product": {
"name": "buildpacks-cli-fish-completion-0.39.1-1.1.x86_64",
"product_id": "buildpacks-cli-fish-completion-0.39.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "buildpacks-cli-zsh-completion-0.39.1-1.1.x86_64",
"product": {
"name": "buildpacks-cli-zsh-completion-0.39.1-1.1.x86_64",
"product_id": "buildpacks-cli-zsh-completion-0.39.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-0.39.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.aarch64"
},
"product_reference": "buildpacks-cli-0.39.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-0.39.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.ppc64le"
},
"product_reference": "buildpacks-cli-0.39.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-0.39.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.s390x"
},
"product_reference": "buildpacks-cli-0.39.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-0.39.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.x86_64"
},
"product_reference": "buildpacks-cli-0.39.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-bash-completion-0.39.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.aarch64"
},
"product_reference": "buildpacks-cli-bash-completion-0.39.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-bash-completion-0.39.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.ppc64le"
},
"product_reference": "buildpacks-cli-bash-completion-0.39.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-bash-completion-0.39.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.s390x"
},
"product_reference": "buildpacks-cli-bash-completion-0.39.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-bash-completion-0.39.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.x86_64"
},
"product_reference": "buildpacks-cli-bash-completion-0.39.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-fish-completion-0.39.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.aarch64"
},
"product_reference": "buildpacks-cli-fish-completion-0.39.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-fish-completion-0.39.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.ppc64le"
},
"product_reference": "buildpacks-cli-fish-completion-0.39.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-fish-completion-0.39.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.s390x"
},
"product_reference": "buildpacks-cli-fish-completion-0.39.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-fish-completion-0.39.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.x86_64"
},
"product_reference": "buildpacks-cli-fish-completion-0.39.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-zsh-completion-0.39.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.aarch64"
},
"product_reference": "buildpacks-cli-zsh-completion-0.39.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-zsh-completion-0.39.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.ppc64le"
},
"product_reference": "buildpacks-cli-zsh-completion-0.39.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-zsh-completion-0.39.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.s390x"
},
"product_reference": "buildpacks-cli-zsh-completion-0.39.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildpacks-cli-zsh-completion-0.39.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.x86_64"
},
"product_reference": "buildpacks-cli-zsh-completion-0.39.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61727"
}
],
"notes": [
{
"category": "general",
"text": "An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN *.example.com.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61727",
"url": "https://www.suse.com/security/cve/CVE-2025-61727"
},
{
"category": "external",
"summary": "SUSE Bug 1254430 for CVE-2025-61727",
"url": "https://bugzilla.suse.com/1254430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-61727"
},
{
"cve": "CVE-2025-61729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61729"
}
],
"notes": [
{
"category": "general",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61729",
"url": "https://www.suse.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "SUSE Bug 1254431 for CVE-2025-61729",
"url": "https://bugzilla.suse.com/1254431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-bash-completion-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-fish-completion-0.39.1-1.1.x86_64",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.aarch64",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.ppc64le",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.s390x",
"openSUSE Tumbleweed:buildpacks-cli-zsh-completion-0.39.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-61729"
}
]
}
OPENSUSE-SU-2026:10030-1
Vulnerability from csaf_opensuse - Published: 2026-01-12 00:00 - Updated: 2026-01-12 00:00Summary
k6-1.5.0-1.1 on GA media
Notes
Title of the patch
k6-1.5.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the k6-1.5.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2026-10030
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "k6-1.5.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the k6-1.5.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10030",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10030-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61729/"
}
],
"title": "k6-1.5.0-1.1 on GA media",
"tracking": {
"current_release_date": "2026-01-12T00:00:00Z",
"generator": {
"date": "2026-01-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10030-1",
"initial_release_date": "2026-01-12T00:00:00Z",
"revision_history": [
{
"date": "2026-01-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "k6-1.5.0-1.1.aarch64",
"product": {
"name": "k6-1.5.0-1.1.aarch64",
"product_id": "k6-1.5.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "k6-bash-completion-1.5.0-1.1.aarch64",
"product": {
"name": "k6-bash-completion-1.5.0-1.1.aarch64",
"product_id": "k6-bash-completion-1.5.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "k6-fish-completion-1.5.0-1.1.aarch64",
"product": {
"name": "k6-fish-completion-1.5.0-1.1.aarch64",
"product_id": "k6-fish-completion-1.5.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "k6-zsh-completion-1.5.0-1.1.aarch64",
"product": {
"name": "k6-zsh-completion-1.5.0-1.1.aarch64",
"product_id": "k6-zsh-completion-1.5.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "k6-1.5.0-1.1.ppc64le",
"product": {
"name": "k6-1.5.0-1.1.ppc64le",
"product_id": "k6-1.5.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "k6-bash-completion-1.5.0-1.1.ppc64le",
"product": {
"name": "k6-bash-completion-1.5.0-1.1.ppc64le",
"product_id": "k6-bash-completion-1.5.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "k6-fish-completion-1.5.0-1.1.ppc64le",
"product": {
"name": "k6-fish-completion-1.5.0-1.1.ppc64le",
"product_id": "k6-fish-completion-1.5.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "k6-zsh-completion-1.5.0-1.1.ppc64le",
"product": {
"name": "k6-zsh-completion-1.5.0-1.1.ppc64le",
"product_id": "k6-zsh-completion-1.5.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "k6-1.5.0-1.1.s390x",
"product": {
"name": "k6-1.5.0-1.1.s390x",
"product_id": "k6-1.5.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "k6-bash-completion-1.5.0-1.1.s390x",
"product": {
"name": "k6-bash-completion-1.5.0-1.1.s390x",
"product_id": "k6-bash-completion-1.5.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "k6-fish-completion-1.5.0-1.1.s390x",
"product": {
"name": "k6-fish-completion-1.5.0-1.1.s390x",
"product_id": "k6-fish-completion-1.5.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "k6-zsh-completion-1.5.0-1.1.s390x",
"product": {
"name": "k6-zsh-completion-1.5.0-1.1.s390x",
"product_id": "k6-zsh-completion-1.5.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "k6-1.5.0-1.1.x86_64",
"product": {
"name": "k6-1.5.0-1.1.x86_64",
"product_id": "k6-1.5.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "k6-bash-completion-1.5.0-1.1.x86_64",
"product": {
"name": "k6-bash-completion-1.5.0-1.1.x86_64",
"product_id": "k6-bash-completion-1.5.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "k6-fish-completion-1.5.0-1.1.x86_64",
"product": {
"name": "k6-fish-completion-1.5.0-1.1.x86_64",
"product_id": "k6-fish-completion-1.5.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "k6-zsh-completion-1.5.0-1.1.x86_64",
"product": {
"name": "k6-zsh-completion-1.5.0-1.1.x86_64",
"product_id": "k6-zsh-completion-1.5.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-1.5.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-1.5.0-1.1.aarch64"
},
"product_reference": "k6-1.5.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-1.5.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-1.5.0-1.1.ppc64le"
},
"product_reference": "k6-1.5.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-1.5.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-1.5.0-1.1.s390x"
},
"product_reference": "k6-1.5.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-1.5.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-1.5.0-1.1.x86_64"
},
"product_reference": "k6-1.5.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-bash-completion-1.5.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.aarch64"
},
"product_reference": "k6-bash-completion-1.5.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-bash-completion-1.5.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.ppc64le"
},
"product_reference": "k6-bash-completion-1.5.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-bash-completion-1.5.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.s390x"
},
"product_reference": "k6-bash-completion-1.5.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-bash-completion-1.5.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.x86_64"
},
"product_reference": "k6-bash-completion-1.5.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-fish-completion-1.5.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.aarch64"
},
"product_reference": "k6-fish-completion-1.5.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-fish-completion-1.5.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.ppc64le"
},
"product_reference": "k6-fish-completion-1.5.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-fish-completion-1.5.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.s390x"
},
"product_reference": "k6-fish-completion-1.5.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-fish-completion-1.5.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.x86_64"
},
"product_reference": "k6-fish-completion-1.5.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-zsh-completion-1.5.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.aarch64"
},
"product_reference": "k6-zsh-completion-1.5.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-zsh-completion-1.5.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.ppc64le"
},
"product_reference": "k6-zsh-completion-1.5.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-zsh-completion-1.5.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.s390x"
},
"product_reference": "k6-zsh-completion-1.5.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-zsh-completion-1.5.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.x86_64"
},
"product_reference": "k6-zsh-completion-1.5.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61729"
}
],
"notes": [
{
"category": "general",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:k6-1.5.0-1.1.aarch64",
"openSUSE Tumbleweed:k6-1.5.0-1.1.ppc64le",
"openSUSE Tumbleweed:k6-1.5.0-1.1.s390x",
"openSUSE Tumbleweed:k6-1.5.0-1.1.x86_64",
"openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.aarch64",
"openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.ppc64le",
"openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.s390x",
"openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.x86_64",
"openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.aarch64",
"openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.ppc64le",
"openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.s390x",
"openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.x86_64",
"openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.aarch64",
"openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.ppc64le",
"openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.s390x",
"openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61729",
"url": "https://www.suse.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "SUSE Bug 1254431 for CVE-2025-61729",
"url": "https://bugzilla.suse.com/1254431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:k6-1.5.0-1.1.aarch64",
"openSUSE Tumbleweed:k6-1.5.0-1.1.ppc64le",
"openSUSE Tumbleweed:k6-1.5.0-1.1.s390x",
"openSUSE Tumbleweed:k6-1.5.0-1.1.x86_64",
"openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.aarch64",
"openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.ppc64le",
"openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.s390x",
"openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.x86_64",
"openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.aarch64",
"openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.ppc64le",
"openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.s390x",
"openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.x86_64",
"openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.aarch64",
"openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.ppc64le",
"openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.s390x",
"openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:k6-1.5.0-1.1.aarch64",
"openSUSE Tumbleweed:k6-1.5.0-1.1.ppc64le",
"openSUSE Tumbleweed:k6-1.5.0-1.1.s390x",
"openSUSE Tumbleweed:k6-1.5.0-1.1.x86_64",
"openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.aarch64",
"openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.ppc64le",
"openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.s390x",
"openSUSE Tumbleweed:k6-bash-completion-1.5.0-1.1.x86_64",
"openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.aarch64",
"openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.ppc64le",
"openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.s390x",
"openSUSE Tumbleweed:k6-fish-completion-1.5.0-1.1.x86_64",
"openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.aarch64",
"openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.ppc64le",
"openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.s390x",
"openSUSE Tumbleweed:k6-zsh-completion-1.5.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-61729"
}
]
}
OPENSUSE-SU-2025:15795-1
Vulnerability from csaf_opensuse - Published: 2025-12-03 00:00 - Updated: 2025-12-03 00:00Summary
go1.25-1.25.5-1.1 on GA media
Notes
Title of the patch
go1.25-1.25.5-1.1 on GA media
Description of the patch
These are all security issues fixed in the go1.25-1.25.5-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15795
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.25-1.25.5-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.25-1.25.5-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15795",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15795-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61729/"
}
],
"title": "go1.25-1.25.5-1.1 on GA media",
"tracking": {
"current_release_date": "2025-12-03T00:00:00Z",
"generator": {
"date": "2025-12-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15795-1",
"initial_release_date": "2025-12-03T00:00:00Z",
"revision_history": [
{
"date": "2025-12-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-1.1.aarch64",
"product": {
"name": "go1.25-1.25.5-1.1.aarch64",
"product_id": "go1.25-1.25.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-1.1.aarch64",
"product": {
"name": "go1.25-doc-1.25.5-1.1.aarch64",
"product_id": "go1.25-doc-1.25.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.5-1.1.aarch64",
"product": {
"name": "go1.25-libstd-1.25.5-1.1.aarch64",
"product_id": "go1.25-libstd-1.25.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.5-1.1.aarch64",
"product": {
"name": "go1.25-race-1.25.5-1.1.aarch64",
"product_id": "go1.25-race-1.25.5-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-1.1.ppc64le",
"product": {
"name": "go1.25-1.25.5-1.1.ppc64le",
"product_id": "go1.25-1.25.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-1.1.ppc64le",
"product": {
"name": "go1.25-doc-1.25.5-1.1.ppc64le",
"product_id": "go1.25-doc-1.25.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.5-1.1.ppc64le",
"product": {
"name": "go1.25-libstd-1.25.5-1.1.ppc64le",
"product_id": "go1.25-libstd-1.25.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.5-1.1.ppc64le",
"product": {
"name": "go1.25-race-1.25.5-1.1.ppc64le",
"product_id": "go1.25-race-1.25.5-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-1.1.s390x",
"product": {
"name": "go1.25-1.25.5-1.1.s390x",
"product_id": "go1.25-1.25.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-1.1.s390x",
"product": {
"name": "go1.25-doc-1.25.5-1.1.s390x",
"product_id": "go1.25-doc-1.25.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.5-1.1.s390x",
"product": {
"name": "go1.25-libstd-1.25.5-1.1.s390x",
"product_id": "go1.25-libstd-1.25.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.5-1.1.s390x",
"product": {
"name": "go1.25-race-1.25.5-1.1.s390x",
"product_id": "go1.25-race-1.25.5-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.5-1.1.x86_64",
"product": {
"name": "go1.25-1.25.5-1.1.x86_64",
"product_id": "go1.25-1.25.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.5-1.1.x86_64",
"product": {
"name": "go1.25-doc-1.25.5-1.1.x86_64",
"product_id": "go1.25-doc-1.25.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.5-1.1.x86_64",
"product": {
"name": "go1.25-libstd-1.25.5-1.1.x86_64",
"product_id": "go1.25-libstd-1.25.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.5-1.1.x86_64",
"product": {
"name": "go1.25-race-1.25.5-1.1.x86_64",
"product_id": "go1.25-race-1.25.5-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25.5-1.1.aarch64"
},
"product_reference": "go1.25-1.25.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25.5-1.1.ppc64le"
},
"product_reference": "go1.25-1.25.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25.5-1.1.s390x"
},
"product_reference": "go1.25-1.25.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25.5-1.1.x86_64"
},
"product_reference": "go1.25-1.25.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.s390x"
},
"product_reference": "go1.25-doc-1.25.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.aarch64"
},
"product_reference": "go1.25-libstd-1.25.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.ppc64le"
},
"product_reference": "go1.25-libstd-1.25.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.s390x"
},
"product_reference": "go1.25-libstd-1.25.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.x86_64"
},
"product_reference": "go1.25-libstd-1.25.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.aarch64"
},
"product_reference": "go1.25-race-1.25.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.s390x"
},
"product_reference": "go1.25-race-1.25.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.x86_64"
},
"product_reference": "go1.25-race-1.25.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61727"
}
],
"notes": [
{
"category": "general",
"text": "An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN *.example.com.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61727",
"url": "https://www.suse.com/security/cve/CVE-2025-61727"
},
{
"category": "external",
"summary": "SUSE Bug 1254430 for CVE-2025-61727",
"url": "https://bugzilla.suse.com/1254430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-61727"
},
{
"cve": "CVE-2025-61729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61729"
}
],
"notes": [
{
"category": "general",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61729",
"url": "https://www.suse.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "SUSE Bug 1254431 for CVE-2025-61729",
"url": "https://bugzilla.suse.com/1254431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.5-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-61729"
}
]
}
FKIE_CVE-2025-61729
Vulnerability from fkie_nvd - Published: 2025-12-02 19:15 - Updated: 2025-12-19 18:25
Severity ?
Summary
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
References
| URL | Tags | ||
|---|---|---|---|
| security@golang.org | https://go.dev/cl/725920 | Patch | |
| security@golang.org | https://go.dev/issue/76445 | Issue Tracking, Patch | |
| security@golang.org | https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 | Mailing List, Release Notes | |
| security@golang.org | https://pkg.go.dev/vuln/GO-2025-4155 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E6FD2A-A487-4099-B91D-2429F286AC6D",
"versionEndExcluding": "1.24.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39C03A37-B94B-46E4-B1C2-A70A870F8E53",
"versionEndExcluding": "1.25.5",
"versionStartIncluding": "1.25.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption."
}
],
"id": "CVE-2025-61729",
"lastModified": "2025-12-19T18:25:28.283",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-12-02T19:15:51.447",
"references": [
{
"source": "security@golang.org",
"tags": [
"Patch"
],
"url": "https://go.dev/cl/725920"
},
{
"source": "security@golang.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://go.dev/issue/76445"
},
{
"source": "security@golang.org",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"source": "security@golang.org",
"tags": [
"Vendor Advisory"
],
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"sourceIdentifier": "security@golang.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
WID-SEC-W-2025-2724
Vulnerability from csaf_certbund - Published: 2025-12-02 23:00 - Updated: 2026-01-21 23:00Summary
Golang Go: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Go ist eine quelloffene Programmiersprache.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Sicherheitsvorkehrungen zu umgehen, und um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Go ist eine quelloffene Programmiersprache.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Sicherheitsvorkehrungen zu umgehen, und um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2724 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2724.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2724 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2724"
},
{
"category": "external",
"summary": "Golang Announce vom 2025-12-02",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "Golang/Go GitHub vom 2025-12-02",
"url": "https://github.com/golang/go/issues/76445"
},
{
"category": "external",
"summary": "Golang/Go GitHub vom 2025-12-02",
"url": "https://github.com/golang/go/issues/76442"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates vom 2025-12-09",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4337-1 vom 2025-12-10",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/V6FRZFUY7IMUIH434HM7TP3Z4LTXGEXM/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4336-1 vom 2025-12-10",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MQKJBVGIUPQFJGOASKZKHJ56ON2DGRDD/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4337-1 vom 2025-12-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023492.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4336-1 vom 2025-12-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023493.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025-20157-1 vom 2025-12-14",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2U4ZHXRG6FRV2PVCQEFXC42LYXWQIXQG/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21192-1 vom 2025-12-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023549.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21193-1 vom 2025-12-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023548.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-090 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-090.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-091 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-091.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3119 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3119.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3118 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3118.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3120 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3120.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-083 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-083.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-084 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-084.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3098 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3098.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3100 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3100.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3097 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3097.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-082 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-082.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-081 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-081.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3105 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3105.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-080 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-080.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-079 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-079.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-087 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-087.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-088 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-088.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-089 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-089.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-090 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-090.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-091 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-091.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-092 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-092.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-093 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-093.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-094 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-094.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-086 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-086.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-087 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-087.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-088 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-088.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-089 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-089.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10030-1 vom 2026-01-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DOH4RQD6DF6QJ5K5LPUZIBSPIUJOV4WF/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10031-1 vom 2026-01-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/D4YDMFDXLFWYJ3MDUGV7CSZRLJCE7BFT/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0921 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0921"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0922 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0922"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0923 vom 2026-01-21",
"url": "https://linux.oracle.com/errata/ELSA-2026-0923.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2026-094 vom 2026-01-22",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2026-094.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0923 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0923"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0921 vom 2026-01-21",
"url": "https://linux.oracle.com/errata/ELSA-2026-0921.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2026-085 vom 2026-01-22",
"url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2026-085.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0922 vom 2026-01-21",
"url": "https://linux.oracle.com/errata/ELSA-2026-0922.html"
}
],
"source_lang": "en-US",
"title": "Golang Go: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-21T23:00:00.000+00:00",
"generator": {
"date": "2026-01-22T08:56:31.047+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2724",
"initial_release_date": "2025-12-02T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-12-02T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-12-09T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-12-14T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-12-15T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Go und SUSE aufgenommen"
},
{
"date": "2026-01-05T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2026-01-13T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Oracle Linux, Amazon und Red Hat aufgenommen"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.25.5",
"product": {
"name": "Golang Go \u003c1.25.5",
"product_id": "T049032"
}
},
{
"category": "product_version",
"name": "1.25.5",
"product": {
"name": "Golang Go 1.25.5",
"product_id": "T049032-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.25.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.24.11",
"product": {
"name": "Golang Go \u003c1.24.11",
"product_id": "T049033"
}
},
{
"category": "product_version",
"name": "1.24.11",
"product": {
"name": "Golang Go 1.24.11",
"product_id": "T049033-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.24.11"
}
}
}
],
"category": "product_name",
"name": "Go"
}
],
"category": "vendor",
"name": "Golang"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "azl3",
"product": {
"name": "Microsoft Azure Linux azl3",
"product_id": "T049210",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3"
}
}
}
],
"category": "product_name",
"name": "Azure Linux"
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61727",
"product_status": {
"known_affected": [
"T002207",
"T049033",
"67646",
"T049032",
"T027843",
"398363",
"T049210",
"T004914"
]
},
"release_date": "2025-12-02T23:00:00.000+00:00",
"title": "CVE-2025-61727"
},
{
"cve": "CVE-2025-61729",
"product_status": {
"known_affected": [
"T002207",
"T049033",
"67646",
"T049032",
"T027843",
"398363",
"T049210",
"T004914"
]
},
"release_date": "2025-12-02T23:00:00.000+00:00",
"title": "CVE-2025-61729"
}
]
}
MSRC_CVE-2025-61729
Vulnerability from csaf_microsoft - Published: 2025-12-02 00:00 - Updated: 2025-12-13 01:38Summary
Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509 - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-61729.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Excessive resource consumption when printing error string for host certificate validation in crypto/x509",
"tracking": {
"current_release_date": "2025-12-13T01:38:50.000Z",
"generator": {
"date": "2025-12-13T08:20:19.798Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-61729",
"initial_release_date": "2025-12-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-12-05T01:01:55.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2025-12-06T14:41:10.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2025-12-07T01:40:29.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
},
{
"date": "2025-12-09T01:37:35.000Z",
"legacy_version": "4",
"number": "4",
"summary": "Information published."
},
{
"date": "2025-12-12T01:38:08.000Z",
"legacy_version": "5",
"number": "5",
"summary": "Information published."
},
{
"date": "2025-12-13T01:38:50.000Z",
"legacy_version": "6",
"number": "6",
"summary": "Information published."
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "azl3 golang 1.25.5-1",
"product": {
"name": "azl3 golang 1.25.5-1",
"product_id": "1"
}
},
{
"category": "product_version_range",
"name": "cbl2 golang 1.18.8-10",
"product": {
"name": "cbl2 golang 1.18.8-10",
"product_id": "6"
}
},
{
"category": "product_version_range",
"name": "cbl2 golang 1.22.7-5",
"product": {
"name": "cbl2 golang 1.22.7-5",
"product_id": "7"
}
},
{
"category": "product_version_range",
"name": "azl3 golang 1.23.12-1",
"product": {
"name": "azl3 golang 1.23.12-1",
"product_id": "8"
}
},
{
"category": "product_version_range",
"name": "azl3 golang 1.25.3-1",
"product": {
"name": "azl3 golang 1.25.3-1",
"product_id": "5"
}
}
],
"category": "product_name",
"name": "golang"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 gcc 11.2.0-8",
"product": {
"name": "cbl2 gcc 11.2.0-8",
"product_id": "12"
}
}
],
"category": "product_name",
"name": "gcc"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 msft-golang 1.24.9-1",
"product": {
"name": "cbl2 msft-golang 1.24.9-1",
"product_id": "4"
}
},
{
"category": "product_version_range",
"name": "cbl2 msft-golang 1.24.11-1",
"product": {
"name": "cbl2 msft-golang 1.24.11-1",
"product_id": "3"
}
}
],
"category": "product_name",
"name": "msft-golang"
},
{
"category": "product_name",
"name": "cbl2 python-tensorboard 2.11.0-3",
"product": {
"name": "cbl2 python-tensorboard 2.11.0-3",
"product_id": "9"
}
},
{
"category": "product_name",
"name": "azl3 python-tensorboard 2.16.2-6",
"product": {
"name": "azl3 python-tensorboard 2.16.2-6",
"product_id": "10"
}
},
{
"category": "product_name",
"name": "azl3 tensorflow 2.16.1-9",
"product": {
"name": "azl3 tensorflow 2.16.1-9",
"product_id": "14"
}
},
{
"category": "product_name",
"name": "cbl2 gcc 11.2.0-9",
"product": {
"name": "cbl2 gcc 11.2.0-9",
"product_id": "2"
}
},
{
"category": "product_name",
"name": "azl3 gcc 13.2.0-7",
"product": {
"name": "azl3 gcc 13.2.0-7",
"product_id": "13"
}
},
{
"category": "product_name",
"name": "cbl2 tensorflow 2.11.1-2",
"product": {
"name": "cbl2 tensorflow 2.11.1-2",
"product_id": "11"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 python-tensorboard 2.11.0-3 as a component of CBL Mariner 2.0",
"product_id": "17086-9"
},
"product_reference": "9",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-tensorboard 2.16.2-6 as a component of Azure Linux 3.0",
"product_id": "17084-10"
},
"product_reference": "10",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 tensorflow 2.16.1-9 as a component of Azure Linux 3.0",
"product_id": "17084-14"
},
"product_reference": "14",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 gcc 11.2.0-9 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 golang 1.25.5-1 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 golang 1.18.8-10 as a component of CBL Mariner 2.0",
"product_id": "17086-6"
},
"product_reference": "6",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 golang 1.22.7-5 as a component of CBL Mariner 2.0",
"product_id": "17086-7"
},
"product_reference": "7",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 golang 1.23.12-1 as a component of Azure Linux 3.0",
"product_id": "17084-8"
},
"product_reference": "8",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 golang 1.25.3-1 as a component of Azure Linux 3.0",
"product_id": "17084-5"
},
"product_reference": "5",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 gcc 11.2.0-8 as a component of CBL Mariner 2.0",
"product_id": "17086-12"
},
"product_reference": "12",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 gcc 13.2.0-7 as a component of Azure Linux 3.0",
"product_id": "17084-13"
},
"product_reference": "13",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 msft-golang 1.24.9-1 as a component of CBL Mariner 2.0",
"product_id": "17086-4"
},
"product_reference": "4",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 tensorflow 2.11.1-2 as a component of CBL Mariner 2.0",
"product_id": "17086-11"
},
"product_reference": "11",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 msft-golang 1.24.11-1 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61729",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17086-9",
"17084-10",
"17084-14",
"17086-2",
"17084-13",
"17086-11"
]
}
],
"notes": [
{
"category": "general",
"text": "Go",
"title": "Assigning CNA"
}
],
"product_status": {
"known_affected": [
"17084-1",
"17086-6",
"17086-7",
"17084-8",
"17084-5",
"17086-12",
"17086-4",
"17086-3"
],
"known_not_affected": [
"17086-9",
"17084-10",
"17084-14",
"17086-2",
"17084-13",
"17086-11"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509 - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-61729.json"
}
],
"remediations": [
{
"category": "none_available",
"date": "2025-12-05T01:01:55.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-1"
]
},
{
"category": "none_available",
"date": "2025-12-05T01:01:55.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-6"
]
},
{
"category": "none_available",
"date": "2025-12-05T01:01:55.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-7"
]
},
{
"category": "none_available",
"date": "2025-12-05T01:01:55.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-8"
]
},
{
"category": "none_available",
"date": "2025-12-05T01:01:55.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-5"
]
},
{
"category": "none_available",
"date": "2025-12-05T01:01:55.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-12"
]
},
{
"category": "none_available",
"date": "2025-12-05T01:01:55.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-4"
]
},
{
"category": "none_available",
"date": "2025-12-05T01:01:55.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"17084-1",
"17086-6",
"17086-7",
"17084-8",
"17084-5",
"17086-12",
"17086-4",
"17086-3"
]
}
],
"title": "Excessive resource consumption when printing error string for host certificate validation in crypto/x509"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…