Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/923848?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/923848?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid", "type": "deb", "namespace": "debian", "name": "golang-1.25", "version": "1.25.2-1", "qualifiers": { "distro": "sid" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.25.6-1", "latest_non_vulnerable_version": "1.25.9-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66649?format=api", "vulnerability_id": "VCID-254d-pjst-c7hx", "summary": "golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58186.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58186.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58186", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07774", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07821", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08778", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11167", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11253", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11276", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11098", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11089", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11125", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11221", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58186" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58186", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58186" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407250", "reference_id": "2407250", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407250" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI", "reference_id": "4Emdl2iQ_bI", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:24:44Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI" }, { "reference_url": "https://go.dev/cl/709855", "reference_id": "709855", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:24:44Z/" } ], "url": "https://go.dev/cl/709855" }, { "reference_url": "https://go.dev/issue/75672", "reference_id": "75672", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:24:44Z/" } ], "url": "https://go.dev/issue/75672" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-4012", "reference_id": "GO-2025-4012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:24:44Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-4012" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923848?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/923846?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-245f-jhkn-w3ck" }, { "vulnerability": "VCID-91yp-p6st-8ucd" }, { "vulnerability": "VCID-ju53-xpej-3qca" }, { "vulnerability": "VCID-s176-xcrb-e3ea" }, { "vulnerability": "VCID-svbs-h3y5-wfbn" }, { "vulnerability": "VCID-t19m-gs1u-rbfp" }, { "vulnerability": "VCID-tf52-aa91-4kf3" }, { "vulnerability": "VCID-tmb1-tq9e-puhd" }, { "vulnerability": "VCID-vw1r-8zev-ykf4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059618?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-58186" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-254d-pjst-c7hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66646?format=api", "vulnerability_id": "VCID-3nqb-6mna-jyb4", "summary": "net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61724.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61724.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61724", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03374", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03387", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03403", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04314", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05839", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05659", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05648", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05691", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05698", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05726", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05705", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05875", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05699", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61724" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61724", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61724" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407257", "reference_id": "2407257", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407257" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI", "reference_id": "4Emdl2iQ_bI", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:06Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI" }, { "reference_url": "https://go.dev/cl/709859", "reference_id": "709859", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:06Z/" } ], "url": "https://go.dev/cl/709859" }, { "reference_url": "https://go.dev/issue/75716", "reference_id": "75716", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:06Z/" } ], "url": "https://go.dev/issue/75716" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-4015", "reference_id": "GO-2025-4015", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:06Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-4015" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923848?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/923846?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-245f-jhkn-w3ck" }, { "vulnerability": "VCID-91yp-p6st-8ucd" }, { "vulnerability": "VCID-ju53-xpej-3qca" }, { "vulnerability": "VCID-s176-xcrb-e3ea" }, { "vulnerability": "VCID-svbs-h3y5-wfbn" }, { "vulnerability": "VCID-t19m-gs1u-rbfp" }, { "vulnerability": "VCID-tf52-aa91-4kf3" }, { "vulnerability": "VCID-tmb1-tq9e-puhd" }, { "vulnerability": "VCID-vw1r-8zev-ykf4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059618?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-61724" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3nqb-6mna-jyb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66645?format=api", "vulnerability_id": "VCID-7n3z-vwk2-3ydr", "summary": "crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58188.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58188.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58188", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00426", "published_at": "2026-04-07T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00399", "published_at": "2026-04-04T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00853", "published_at": "2026-04-26T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00877", "published_at": "2026-04-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00875", "published_at": "2026-04-09T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00864", "published_at": "2026-04-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00858", "published_at": "2026-04-16T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0086", "published_at": "2026-04-13T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00865", "published_at": "2026-04-18T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00851", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58188" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58188" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407255", "reference_id": "2407255", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407255" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI", "reference_id": "4Emdl2iQ_bI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:23:42Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI" }, { "reference_url": "https://go.dev/cl/709853", "reference_id": "709853", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:23:42Z/" } ], "url": "https://go.dev/cl/709853" }, { "reference_url": "https://go.dev/issue/75675", "reference_id": "75675", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:23:42Z/" } ], "url": "https://go.dev/issue/75675" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-4013", "reference_id": "GO-2025-4013", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:23:42Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-4013" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923848?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/923846?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-245f-jhkn-w3ck" }, { "vulnerability": "VCID-91yp-p6st-8ucd" }, { "vulnerability": "VCID-ju53-xpej-3qca" }, { "vulnerability": "VCID-s176-xcrb-e3ea" }, { "vulnerability": "VCID-svbs-h3y5-wfbn" }, { "vulnerability": "VCID-t19m-gs1u-rbfp" }, { "vulnerability": "VCID-tf52-aa91-4kf3" }, { "vulnerability": "VCID-tmb1-tq9e-puhd" }, { "vulnerability": "VCID-vw1r-8zev-ykf4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059618?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-58188" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7n3z-vwk2-3ydr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66651?format=api", "vulnerability_id": "VCID-br2f-7ux9-hkhg", "summary": "encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61723.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61723.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61723", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07653", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07696", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07665", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09096", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1155", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11633", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11658", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11669", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11606", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1147", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11468", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1151", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11598", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61723" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61723", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61723" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407252", "reference_id": "2407252", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407252" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI", "reference_id": "4Emdl2iQ_bI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:35:15Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI" }, { "reference_url": "https://go.dev/cl/709858", "reference_id": "709858", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:35:15Z/" } ], "url": "https://go.dev/cl/709858" }, { "reference_url": "https://go.dev/issue/75676", "reference_id": "75676", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:35:15Z/" } ], "url": "https://go.dev/issue/75676" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-4009", "reference_id": "GO-2025-4009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:35:15Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-4009" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923848?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/923846?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-245f-jhkn-w3ck" }, { "vulnerability": "VCID-91yp-p6st-8ucd" }, { "vulnerability": "VCID-ju53-xpej-3qca" }, { "vulnerability": "VCID-s176-xcrb-e3ea" }, { "vulnerability": "VCID-svbs-h3y5-wfbn" }, { "vulnerability": "VCID-t19m-gs1u-rbfp" }, { "vulnerability": "VCID-tf52-aa91-4kf3" }, { "vulnerability": "VCID-tmb1-tq9e-puhd" }, { "vulnerability": "VCID-vw1r-8zev-ykf4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059618?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-61723" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-br2f-7ux9-hkhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66652?format=api", "vulnerability_id": "VCID-bv1f-bee8-cbek", "summary": "net/mail: Excessive CPU consumption in ParseAddress in net/mail", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61725.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61725.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0806", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08103", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08055", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1228", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12197", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12218", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12106", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12103", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12214", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12251", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12288", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12161", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12231", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61725" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61725", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61725" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407249", "reference_id": "2407249", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407249" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI", "reference_id": "4Emdl2iQ_bI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:44:00Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI" }, { "reference_url": "https://go.dev/cl/709860", "reference_id": "709860", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:44:00Z/" } ], "url": "https://go.dev/cl/709860" }, { "reference_url": "https://go.dev/issue/75680", "reference_id": "75680", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:44:00Z/" } ], "url": "https://go.dev/issue/75680" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-4006", "reference_id": "GO-2025-4006", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:44:00Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-4006" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923848?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/923846?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-245f-jhkn-w3ck" }, { "vulnerability": "VCID-91yp-p6st-8ucd" }, { "vulnerability": "VCID-ju53-xpej-3qca" }, { "vulnerability": "VCID-s176-xcrb-e3ea" }, { "vulnerability": "VCID-svbs-h3y5-wfbn" }, { "vulnerability": "VCID-t19m-gs1u-rbfp" }, { "vulnerability": "VCID-tf52-aa91-4kf3" }, { "vulnerability": "VCID-tmb1-tq9e-puhd" }, { "vulnerability": "VCID-vw1r-8zev-ykf4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059618?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-61725" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bv1f-bee8-cbek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66647?format=api", "vulnerability_id": "VCID-mvsr-c2yh-mbdq", "summary": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58183.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58183.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58183", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01864", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01876", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04099", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0401", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04028", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03998", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03982", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03952", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03932", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03945", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04081", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04813", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58183" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258", "reference_id": "2407258", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI", "reference_id": "4Emdl2iQ_bI", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:41Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI" }, { "reference_url": "https://go.dev/cl/709861", "reference_id": "709861", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:41Z/" } ], "url": "https://go.dev/cl/709861" }, { "reference_url": "https://go.dev/issue/75677", "reference_id": "75677", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:41Z/" } ], "url": "https://go.dev/issue/75677" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-4014", "reference_id": "GO-2025-4014", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:41Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-4014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21778", "reference_id": "RHSA-2025:21778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21779", "reference_id": "RHSA-2025:21779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21815", "reference_id": "RHSA-2025:21815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21816", "reference_id": "RHSA-2025:21816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21856", "reference_id": "RHSA-2025:21856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21964", "reference_id": "RHSA-2025:21964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22011", "reference_id": "RHSA-2025:22011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22012", "reference_id": "RHSA-2025:22012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22030", "reference_id": "RHSA-2025:22030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22181", "reference_id": "RHSA-2025:22181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22255", "reference_id": "RHSA-2025:22255", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22255" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22345", "reference_id": "RHSA-2025:22345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22668", "reference_id": "RHSA-2025:22668", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22668" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22738", "reference_id": "RHSA-2025:22738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22743", "reference_id": "RHSA-2025:22743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22759", "reference_id": "RHSA-2025:22759", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22759" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22899", "reference_id": "RHSA-2025:22899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23001", "reference_id": "RHSA-2025:23001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23002", "reference_id": "RHSA-2025:23002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23087", "reference_id": "RHSA-2025:23087", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23087" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23088", "reference_id": "RHSA-2025:23088", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23088" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23294", "reference_id": "RHSA-2025:23294", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23294" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23295", "reference_id": "RHSA-2025:23295", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23295" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23325", "reference_id": "RHSA-2025:23325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23326", "reference_id": "RHSA-2025:23326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23347", "reference_id": "RHSA-2025:23347", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23348", "reference_id": "RHSA-2025:23348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23374", "reference_id": "RHSA-2025:23374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23394", "reference_id": "RHSA-2025:23394", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23394" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23421", "reference_id": "RHSA-2025:23421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23546", "reference_id": "RHSA-2025:23546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23733", "reference_id": "RHSA-2025:23733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23736", "reference_id": "RHSA-2025:23736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23737", "reference_id": "RHSA-2025:23737", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23737" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23740", "reference_id": "RHSA-2025:23740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23741", "reference_id": "RHSA-2025:23741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23746", "reference_id": "RHSA-2025:23746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23747", "reference_id": "RHSA-2025:23747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23948", "reference_id": "RHSA-2025:23948", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0226", "reference_id": "RHSA-2026:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0227", "reference_id": "RHSA-2026:0227", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0227" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0243", "reference_id": "RHSA-2026:0243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0244", "reference_id": "RHSA-2026:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0245", "reference_id": "RHSA-2026:0245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0246", "reference_id": "RHSA-2026:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0314", "reference_id": "RHSA-2026:0314", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0314" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0424", "reference_id": "RHSA-2026:0424", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0426", "reference_id": "RHSA-2026:0426", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0426" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0477", "reference_id": "RHSA-2026:0477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0527", "reference_id": "RHSA-2026:0527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0530", "reference_id": "RHSA-2026:0530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0663", "reference_id": "RHSA-2026:0663", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0671", "reference_id": "RHSA-2026:0671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0973", "reference_id": "RHSA-2026:0973", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0973" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0987", "reference_id": "RHSA-2026:0987", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0987" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1018", "reference_id": "RHSA-2026:1018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1025", "reference_id": "RHSA-2026:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1067", "reference_id": "RHSA-2026:1067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1071", "reference_id": "RHSA-2026:1071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1072", "reference_id": "RHSA-2026:1072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1377", "reference_id": "RHSA-2026:1377", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1377" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1378", "reference_id": "RHSA-2026:1378", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1379", "reference_id": "RHSA-2026:1379", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1379" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1380", "reference_id": "RHSA-2026:1380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1381", "reference_id": "RHSA-2026:1381", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1488", "reference_id": "RHSA-2026:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1517", "reference_id": "RHSA-2026:1517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1520", "reference_id": "RHSA-2026:1520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1552", "reference_id": "RHSA-2026:1552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1837", "reference_id": "RHSA-2026:1837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1838", "reference_id": "RHSA-2026:1838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1942", "reference_id": "RHSA-2026:1942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2071", "reference_id": "RHSA-2026:2071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2082", "reference_id": "RHSA-2026:2082", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2082" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2129", "reference_id": "RHSA-2026:2129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2343", "reference_id": "RHSA-2026:2343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2350", "reference_id": "RHSA-2026:2350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2351", "reference_id": "RHSA-2026:2351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2456", "reference_id": "RHSA-2026:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2568", "reference_id": "RHSA-2026:2568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2571", "reference_id": "RHSA-2026:2571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2711", "reference_id": "RHSA-2026:2711", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2711" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2737", "reference_id": "RHSA-2026:2737", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2737" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2900", "reference_id": "RHSA-2026:2900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3108", "reference_id": "RHSA-2026:3108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3875", "reference_id": "RHSA-2026:3875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3905", "reference_id": "RHSA-2026:3905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4215", "reference_id": "RHSA-2026:4215", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4215" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4418", "reference_id": "RHSA-2026:4418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4423", "reference_id": "RHSA-2026:4423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4434", "reference_id": "RHSA-2026:4434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4464", "reference_id": "RHSA-2026:4464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4482", "reference_id": "RHSA-2026:4482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4510", "reference_id": "RHSA-2026:4510", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4510" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4532", "reference_id": "RHSA-2026:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4533", "reference_id": "RHSA-2026:4533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4693", "reference_id": "RHSA-2026:4693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4936", "reference_id": "RHSA-2026:4936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5086", "reference_id": "RHSA-2026:5086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5107", "reference_id": "RHSA-2026:5107", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5107" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5234", "reference_id": "RHSA-2026:5234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5394", "reference_id": "RHSA-2026:5394", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5394" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5636", "reference_id": "RHSA-2026:5636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5645", "reference_id": "RHSA-2026:5645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5866", "reference_id": "RHSA-2026:5866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5876", "reference_id": "RHSA-2026:5876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6191", "reference_id": "RHSA-2026:6191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6191" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6226", "reference_id": "RHSA-2026:6226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6493", "reference_id": "RHSA-2026:6493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6564", "reference_id": "RHSA-2026:6564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7252", "reference_id": "RHSA-2026:7252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8218", "reference_id": "RHSA-2026:8218", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8218" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8229", "reference_id": "RHSA-2026:8229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8325", "reference_id": "RHSA-2026:8325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8325" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923848?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/923846?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-245f-jhkn-w3ck" }, { "vulnerability": "VCID-91yp-p6st-8ucd" }, { "vulnerability": "VCID-ju53-xpej-3qca" }, { "vulnerability": "VCID-s176-xcrb-e3ea" }, { "vulnerability": "VCID-svbs-h3y5-wfbn" }, { "vulnerability": "VCID-t19m-gs1u-rbfp" }, { "vulnerability": "VCID-tf52-aa91-4kf3" }, { "vulnerability": "VCID-tmb1-tq9e-puhd" }, { "vulnerability": "VCID-vw1r-8zev-ykf4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059618?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-58183" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mvsr-c2yh-mbdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66653?format=api", "vulnerability_id": "VCID-q9yj-ze4x-qyfr", "summary": "crypto/x509: Quadratic complexity when checking name constraints in crypto/x509", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58187.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58187.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58187", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02064", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02071", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02066", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03032", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04651", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04675", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04669", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04634", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04786", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04611", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04602", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04823", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04663", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58187" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58187" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407259", "reference_id": "2407259", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407259" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI", "reference_id": "4Emdl2iQ_bI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:51:43Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI" }, { "reference_url": "https://go.dev/cl/709854", "reference_id": "709854", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:51:43Z/" } ], "url": "https://go.dev/cl/709854" }, { "reference_url": "https://go.dev/issue/75681", "reference_id": "75681", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:51:43Z/" } ], "url": "https://go.dev/issue/75681" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-4007", "reference_id": "GO-2025-4007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:51:43Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-4007" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923848?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/923846?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-245f-jhkn-w3ck" }, { "vulnerability": "VCID-91yp-p6st-8ucd" }, { "vulnerability": "VCID-ju53-xpej-3qca" }, { "vulnerability": "VCID-s176-xcrb-e3ea" }, { "vulnerability": "VCID-svbs-h3y5-wfbn" }, { "vulnerability": "VCID-t19m-gs1u-rbfp" }, { "vulnerability": "VCID-tf52-aa91-4kf3" }, { "vulnerability": "VCID-tmb1-tq9e-puhd" }, { "vulnerability": "VCID-vw1r-8zev-ykf4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059618?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-58187" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q9yj-ze4x-qyfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66648?format=api", "vulnerability_id": "VCID-sb3w-x3yv-ffft", "summary": "net/url: Insufficient validation of bracketed IPv6 hostnames in net/url", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47912.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47912.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47912", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04808", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06186", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05802", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05831", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06006", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06045", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06034", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06026", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06017", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05982", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05992", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06155", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05837", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47912" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407247", "reference_id": "2407247", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407247" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI", "reference_id": "4Emdl2iQ_bI", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:37:56Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI" }, { "reference_url": "https://go.dev/cl/709857", "reference_id": "709857", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:37:56Z/" } ], "url": "https://go.dev/cl/709857" }, { "reference_url": "https://go.dev/issue/75678", "reference_id": "75678", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:37:56Z/" } ], "url": "https://go.dev/issue/75678" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-4010", "reference_id": "GO-2025-4010", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:37:56Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-4010" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923848?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/923846?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-245f-jhkn-w3ck" }, { "vulnerability": "VCID-91yp-p6st-8ucd" }, { "vulnerability": "VCID-ju53-xpej-3qca" }, { "vulnerability": "VCID-s176-xcrb-e3ea" }, { "vulnerability": "VCID-svbs-h3y5-wfbn" }, { "vulnerability": "VCID-t19m-gs1u-rbfp" }, { "vulnerability": "VCID-tf52-aa91-4kf3" }, { "vulnerability": "VCID-tmb1-tq9e-puhd" }, { "vulnerability": "VCID-vw1r-8zev-ykf4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059618?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-47912" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sb3w-x3yv-ffft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66650?format=api", "vulnerability_id": "VCID-t2dr-6dz3-7qgt", "summary": "encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58185.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58185.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06096", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06126", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07141", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08959", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08996", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08995", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08947", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09011", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08811", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08836", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08961", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08966", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58185" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407251", "reference_id": "2407251", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407251" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI", "reference_id": "4Emdl2iQ_bI", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:25:15Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI" }, { "reference_url": "https://go.dev/cl/709856", "reference_id": "709856", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:25:15Z/" } ], "url": "https://go.dev/cl/709856" }, { "reference_url": "https://go.dev/issue/75671", "reference_id": "75671", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:25:15Z/" } ], "url": "https://go.dev/issue/75671" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-4011", "reference_id": "GO-2025-4011", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:25:15Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-4011" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923848?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/923846?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-245f-jhkn-w3ck" }, { "vulnerability": "VCID-91yp-p6st-8ucd" }, { "vulnerability": "VCID-ju53-xpej-3qca" }, { "vulnerability": "VCID-s176-xcrb-e3ea" }, { "vulnerability": "VCID-svbs-h3y5-wfbn" }, { "vulnerability": "VCID-t19m-gs1u-rbfp" }, { "vulnerability": "VCID-tf52-aa91-4kf3" }, { "vulnerability": "VCID-tmb1-tq9e-puhd" }, { "vulnerability": "VCID-vw1r-8zev-ykf4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059618?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-58185" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t2dr-6dz3-7qgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66654?format=api", "vulnerability_id": "VCID-usyf-s559-pkgx", "summary": "crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58189.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58189.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58189", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01718", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.0171", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01682", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01681", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01693", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01703", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02064", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03452", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03447", "published_at": "2026-04-24T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00888", "published_at": "2026-04-02T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0089", "published_at": "2026-04-04T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00893", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58189" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407260", "reference_id": "2407260", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407260" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI", "reference_id": "4Emdl2iQ_bI", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:50:48Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI" }, { "reference_url": "https://go.dev/cl/707776", "reference_id": "707776", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:50:48Z/" } ], "url": "https://go.dev/cl/707776" }, { "reference_url": "https://go.dev/issue/75652", "reference_id": "75652", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:50:48Z/" } ], "url": "https://go.dev/issue/75652" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-4008", "reference_id": "GO-2025-4008", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:50:48Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-4008" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923848?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/923846?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-245f-jhkn-w3ck" }, { "vulnerability": "VCID-91yp-p6st-8ucd" }, { "vulnerability": "VCID-ju53-xpej-3qca" }, { "vulnerability": "VCID-s176-xcrb-e3ea" }, { "vulnerability": "VCID-svbs-h3y5-wfbn" }, { "vulnerability": "VCID-t19m-gs1u-rbfp" }, { "vulnerability": "VCID-tf52-aa91-4kf3" }, { "vulnerability": "VCID-tmb1-tq9e-puhd" }, { "vulnerability": "VCID-vw1r-8zev-ykf4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059618?format=api", "purl": "pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-58189" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-usyf-s559-pkgx" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid" }