Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/442136?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/442136?format=api", "purl": "pkg:apk/alpine/go@1.25.8-r0?arch=riscv64&distroversion=edge&reponame=community", "type": "apk", "namespace": "alpine", "name": "go", "version": "1.25.8-r0", "qualifiers": { "arch": "riscv64", "distroversion": "edge", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.26.2-r0", "latest_non_vulnerable_version": "1.26.2-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64344?format=api", "vulnerability_id": "VCID-6a6z-bq7m-c3gf", "summary": "crypto/x509: Panic in name constraint checking for malformed certificates in crypto/x509", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05245", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05215", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05749", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05788", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05813", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05792", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05784", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05778", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05741", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05894", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09868", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0979", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09957", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09952", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09915", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27138" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445344", "reference_id": "2445344", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445344" }, { "reference_url": "https://go.dev/cl/752183", "reference_id": "752183", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/" } ], "url": "https://go.dev/cl/752183" }, { "reference_url": "https://go.dev/issue/77953", "reference_id": "77953", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/" } ], "url": "https://go.dev/issue/77953" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "reference_id": "EdhZqrQ98hk", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4600", "reference_id": "GO-2026-4600", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4600" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/442136?format=api", "purl": "pkg:apk/alpine/go@1.25.8-r0?arch=riscv64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=riscv64&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-27138" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6a6z-bq7m-c3gf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64345?format=api", "vulnerability_id": "VCID-8s5d-1byz-8fhz", "summary": "html/template: URLs in meta content attribute actions are not escaped in html/template", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27142.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27142.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01258", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01421", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01263", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01424", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01429", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01436", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01426", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01542", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01551", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.0153", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01545", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01552", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01555", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01562", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03399", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27142" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445351", "reference_id": "2445351", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445351" }, { "reference_url": "https://go.dev/cl/752081", "reference_id": "752081", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/" } ], "url": "https://go.dev/cl/752081" }, { "reference_url": "https://go.dev/issue/77954", "reference_id": "77954", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/" } ], "url": "https://go.dev/issue/77954" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "reference_id": "EdhZqrQ98hk", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4603", "reference_id": "GO-2026-4603", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4603" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5192", "reference_id": "RHSA-2026:5192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5192" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/442136?format=api", "purl": "pkg:apk/alpine/go@1.25.8-r0?arch=riscv64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=riscv64&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-27142" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8s5d-1byz-8fhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64343?format=api", "vulnerability_id": "VCID-czyb-wuf2-x7he", "summary": "os: FileInfo can escape from a Root in golang os module", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27139.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27139.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27139", "reference_id": "", "reference_type": "", "scores": [ { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00209", "published_at": "2026-04-02T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.0021", "published_at": "2026-04-04T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00268", "published_at": "2026-04-07T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00265", "published_at": "2026-04-11T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00261", "published_at": "2026-04-12T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.0026", "published_at": "2026-04-18T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00259", "published_at": "2026-04-16T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00642", "published_at": "2026-05-07T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00645", "published_at": "2026-05-05T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00646", "published_at": "2026-04-29T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00716", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27139" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445335", "reference_id": "2445335", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445335" }, { "reference_url": "https://go.dev/cl/749480", "reference_id": "749480", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:53:55Z/" } ], "url": "https://go.dev/cl/749480" }, { "reference_url": "https://go.dev/issue/77827", "reference_id": "77827", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:53:55Z/" } ], "url": "https://go.dev/issue/77827" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "reference_id": "EdhZqrQ98hk", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:53:55Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4602", "reference_id": "GO-2026-4602", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:53:55Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/442136?format=api", "purl": "pkg:apk/alpine/go@1.25.8-r0?arch=riscv64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=riscv64&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-27139" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-czyb-wuf2-x7he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64346?format=api", "vulnerability_id": "VCID-pcez-y67t-8yg3", "summary": "net/url: Incorrect parsing of IPv6 host literals in net/url", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25679.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25679.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25679", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08816", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08768", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09743", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09672", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09793", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09802", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09771", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09754", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.0964", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09612", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15881", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.15964", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.15853", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16017", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16013", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.15973", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356", "reference_id": "2445356", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356" }, { "reference_url": "https://go.dev/cl/752180", "reference_id": "752180", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/" } ], "url": "https://go.dev/cl/752180" }, { "reference_url": "https://go.dev/issue/77578", "reference_id": "77578", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/" } ], "url": "https://go.dev/issue/77578" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "reference_id": "EdhZqrQ98hk", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4601", "reference_id": "GO-2026-4601", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10065", "reference_id": "RHSA-2026:10065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10065" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10125", "reference_id": "RHSA-2026:10125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10133", "reference_id": "RHSA-2026:10133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10140", "reference_id": "RHSA-2026:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10141", "reference_id": "RHSA-2026:10141", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10141" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10158", "reference_id": "RHSA-2026:10158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10169", "reference_id": "RHSA-2026:10169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10175", "reference_id": "RHSA-2026:10175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10184", "reference_id": "RHSA-2026:10184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10225", "reference_id": "RHSA-2026:10225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10250", "reference_id": "RHSA-2026:10250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10701", "reference_id": "RHSA-2026:10701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10712", "reference_id": "RHSA-2026:10712", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10929", "reference_id": "RHSA-2026:10929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11331", "reference_id": "RHSA-2026:11331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11375", "reference_id": "RHSA-2026:11375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11412", "reference_id": "RHSA-2026:11412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11413", "reference_id": "RHSA-2026:11413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11686", "reference_id": "RHSA-2026:11686", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11686" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11688", "reference_id": "RHSA-2026:11688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11747", "reference_id": "RHSA-2026:11747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11749", "reference_id": "RHSA-2026:11749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11768", "reference_id": "RHSA-2026:11768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11800", "reference_id": "RHSA-2026:11800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11856", "reference_id": "RHSA-2026:11856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11916", "reference_id": "RHSA-2026:11916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11916" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11996", "reference_id": "RHSA-2026:11996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12028", "reference_id": "RHSA-2026:12028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12029", "reference_id": "RHSA-2026:12029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12030", "reference_id": "RHSA-2026:12030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12031", "reference_id": "RHSA-2026:12031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12032", "reference_id": "RHSA-2026:12032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12033", "reference_id": "RHSA-2026:12033", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12282", "reference_id": "RHSA-2026:12282", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12282" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13508", "reference_id": "RHSA-2026:13508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13512", "reference_id": "RHSA-2026:13512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13545", "reference_id": "RHSA-2026:13545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13642", "reference_id": "RHSA-2026:13642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13643", "reference_id": "RHSA-2026:13643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13643" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13671", "reference_id": "RHSA-2026:13671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14020", "reference_id": "RHSA-2026:14020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14868", "reference_id": "RHSA-2026:14868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14879", "reference_id": "RHSA-2026:14879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5110", "reference_id": "RHSA-2026:5110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5549", "reference_id": "RHSA-2026:5549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5941", "reference_id": "RHSA-2026:5941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5942", "reference_id": "RHSA-2026:5942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5943", "reference_id": "RHSA-2026:5943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5944", "reference_id": "RHSA-2026:5944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6341", "reference_id": "RHSA-2026:6341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6344", "reference_id": "RHSA-2026:6344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6382", "reference_id": "RHSA-2026:6382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6383", "reference_id": "RHSA-2026:6383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6388", "reference_id": "RHSA-2026:6388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6388" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6564", "reference_id": "RHSA-2026:6564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6720", "reference_id": "RHSA-2026:6720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6802", "reference_id": "RHSA-2026:6802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6949", "reference_id": "RHSA-2026:6949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7005", "reference_id": "RHSA-2026:7005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7009", "reference_id": "RHSA-2026:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7011", "reference_id": "RHSA-2026:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7259", "reference_id": "RHSA-2026:7259", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7259" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7315", "reference_id": "RHSA-2026:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7328", "reference_id": "RHSA-2026:7328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7665", "reference_id": "RHSA-2026:7665", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7669", "reference_id": "RHSA-2026:7669", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7674", "reference_id": "RHSA-2026:7674", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7674" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7833", "reference_id": "RHSA-2026:7833", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7833" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7834", "reference_id": "RHSA-2026:7834", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7834" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7876", "reference_id": "RHSA-2026:7876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7877", "reference_id": "RHSA-2026:7877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7878", "reference_id": "RHSA-2026:7878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7879", "reference_id": "RHSA-2026:7879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7883", "reference_id": "RHSA-2026:7883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7992", "reference_id": "RHSA-2026:7992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8151", "reference_id": "RHSA-2026:8151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8167", "reference_id": "RHSA-2026:8167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8314", "reference_id": "RHSA-2026:8314", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8314" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8322", "reference_id": "RHSA-2026:8322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8324", "reference_id": "RHSA-2026:8324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8337", "reference_id": "RHSA-2026:8337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8338", "reference_id": "RHSA-2026:8338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8433", "reference_id": "RHSA-2026:8433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8434", "reference_id": "RHSA-2026:8434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8456", "reference_id": "RHSA-2026:8456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8483", "reference_id": "RHSA-2026:8483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8484", "reference_id": "RHSA-2026:8484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8490", "reference_id": "RHSA-2026:8490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8491", "reference_id": "RHSA-2026:8491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8493", "reference_id": "RHSA-2026:8493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8840", "reference_id": "RHSA-2026:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8841", "reference_id": "RHSA-2026:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8842", "reference_id": "RHSA-2026:8842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8845", "reference_id": "RHSA-2026:8845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8847", "reference_id": "RHSA-2026:8847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8848", "reference_id": "RHSA-2026:8848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8849", "reference_id": "RHSA-2026:8849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8851", "reference_id": "RHSA-2026:8851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8852", "reference_id": "RHSA-2026:8852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8853", "reference_id": "RHSA-2026:8853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8855", "reference_id": "RHSA-2026:8855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8856", "reference_id": "RHSA-2026:8856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8860", "reference_id": "RHSA-2026:8860", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8860" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8877", "reference_id": "RHSA-2026:8877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8878", "reference_id": "RHSA-2026:8878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8879", "reference_id": "RHSA-2026:8879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8881", "reference_id": "RHSA-2026:8881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8882", "reference_id": "RHSA-2026:8882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8930", "reference_id": "RHSA-2026:8930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8931", "reference_id": "RHSA-2026:8931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8949", "reference_id": "RHSA-2026:8949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9043", "reference_id": "RHSA-2026:9043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9044", "reference_id": "RHSA-2026:9044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9052", "reference_id": "RHSA-2026:9052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9090", "reference_id": "RHSA-2026:9090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9093", "reference_id": "RHSA-2026:9093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9094", "reference_id": "RHSA-2026:9094", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9094" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9097", "reference_id": "RHSA-2026:9097", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9097" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9098", "reference_id": "RHSA-2026:9098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9108", "reference_id": "RHSA-2026:9108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9109", "reference_id": "RHSA-2026:9109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9385", "reference_id": "RHSA-2026:9385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9385" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9434", "reference_id": "RHSA-2026:9434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9435", "reference_id": "RHSA-2026:9435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9436", "reference_id": "RHSA-2026:9436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9439", "reference_id": "RHSA-2026:9439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9440", "reference_id": "RHSA-2026:9440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9448", "reference_id": "RHSA-2026:9448", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9453", "reference_id": "RHSA-2026:9453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9461", "reference_id": "RHSA-2026:9461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9695", "reference_id": "RHSA-2026:9695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9742", "reference_id": "RHSA-2026:9742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9872", "reference_id": "RHSA-2026:9872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9872" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/442136?format=api", "purl": "pkg:apk/alpine/go@1.25.8-r0?arch=riscv64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=riscv64&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-25679" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pcez-y67t-8yg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64347?format=api", "vulnerability_id": "VCID-x5ub-bfb7-nbbr", "summary": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27137.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27137.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.017", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01692", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02175", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02177", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02198", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0216", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02157", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02132", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02145", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0223", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03157", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03116", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03141", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03123", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03112", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27137" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345", "reference_id": "2445345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345" }, { "reference_url": "https://go.dev/cl/752182", "reference_id": "752182", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/" } ], "url": "https://go.dev/cl/752182" }, { "reference_url": "https://go.dev/issue/77952", "reference_id": "77952", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/" } ], "url": "https://go.dev/issue/77952" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "reference_id": "EdhZqrQ98hk", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4599", "reference_id": "GO-2026-4599", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10125", "reference_id": "RHSA-2026:10125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10158", "reference_id": "RHSA-2026:10158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10169", "reference_id": "RHSA-2026:10169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10175", "reference_id": "RHSA-2026:10175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10184", "reference_id": "RHSA-2026:10184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10225", "reference_id": "RHSA-2026:10225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10250", "reference_id": "RHSA-2026:10250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10929", "reference_id": "RHSA-2026:10929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11331", "reference_id": "RHSA-2026:11331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11800", "reference_id": "RHSA-2026:11800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13545", "reference_id": "RHSA-2026:13545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14879", "reference_id": "RHSA-2026:14879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5110", "reference_id": "RHSA-2026:5110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5549", "reference_id": "RHSA-2026:5549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8151", "reference_id": "RHSA-2026:8151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8167", "reference_id": "RHSA-2026:8167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8337", "reference_id": "RHSA-2026:8337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8338", "reference_id": "RHSA-2026:8338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8842", "reference_id": "RHSA-2026:8842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9052", "reference_id": "RHSA-2026:9052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9385", "reference_id": "RHSA-2026:9385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9385" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9697", "reference_id": "RHSA-2026:9697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9698", "reference_id": "RHSA-2026:9698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9699", "reference_id": "RHSA-2026:9699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9872", "reference_id": "RHSA-2026:9872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9872" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/442136?format=api", "purl": "pkg:apk/alpine/go@1.25.8-r0?arch=riscv64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=riscv64&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-27137" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x5ub-bfb7-nbbr" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.8-r0%3Farch=riscv64&distroversion=edge&reponame=community" }